Version: 2.0.0

Node.js SDK Examples

Init the SDK

import { Permit } from "permitio";

const permit = new Permit({
  // the API key to the Permit environment you wish to connect to
  token: "<YOUR_API_KEY>",
  // the url in which the SDK can connect to the PDP container
  pdp: "http://localhost:7766",
  // use this to turn on sdk logs
  log: {
    level: "debug",
  },
});

Resources

Create a resource

import { Permit, ResourceRead } from "permitio";

const permit = new Permit({ token: "<YOUR_API_KEY>" });

const document: ResourceRead = await permit.api.resources.create({
  key: "document",
  name: "Document",
  urn: "prn:gdrive:document",
  description: "google drive document",
  actions: {
    create: {},
    read: {},
    update: {},
    delete: {},
  },
  attributes: {
    private: {
      type: "bool",
      description: "whether the document is private",
    },
  },
});

Update a resource

import { Permit, ResourceRead, ResourceUpdate } from "permitio";

const permit = new Permit({ token: "<YOUR_API_KEY>" });

const document: ResourceRead = await permit.api.resources.update(
  "document",
  // the resource fields to update (type: ResourceUpdate)
  {
    description: "google drive document",
  }
);

List all resources

import { Permit, ResourceRead } from "permitio";

const permit = new Permit({ token: "<YOUR_API_KEY>" });

const resources: ResourceRead[] = await permit.api.resources.list();

Get a resource

Get a resource with key document:

import { Permit, ResourceRead } from "permitio";

const permit = new Permit({ token: "<YOUR_API_KEY>" });

const document: ResourceRead = await permit.api.resources.get("document");

Error handling

import { Permit, PermitApiError } from "permitio";

const permit = new Permit({ token: "<YOUR_API_KEY>" });

// handle not found error
try {
  await permit.api.resources.get("nosuchresource");
} catch (error) {
  if (error instanceof PermitApiError) {
    if (error.response?.status === 404) {
      console.log(`not found!`);
    } else {
      // ...
    }
  }
}

// handle cannot create object due to key conflict:
try {
  await permit.api.resources.create({
    key: "document",
    name: "Document",
    actions: {
      create: {},
      read: {},
      update: {},
      delete: {},
    },
  });
} catch (error) {
  if (error instanceof PermitApiError) {
    if (error.response?.status === 409) {
      console.log(`already exists!`);
    } else {
      // ...
    }
  }
}

Roles

Create a role

import { Permit, RoleRead } from "permitio";

const permit = new Permit({ token: "<YOUR_API_KEY>" });

const admin: RoleRead = await permit.api.roles.create({
  key: "admin",
  name: "Admin",
  description: "an admin role",
  permissions: ["document:create", "document:read"],
});

Tenants

Create a tenant

import { Permit, TenantRead } from "permitio";

const permit = new Permit({ token: "<YOUR_API_KEY>" });

const tenant: TenantRead = await permit.api.tenants.create({
  key: "tesla",
  name: "Tesla Inc",
  description: "The car company",
});

Users

Create or update a user (sync user)

import { Permit } from "permitio";

const permit = new Permit({ token: "<YOUR_API_KEY>" });

// if created, initially the user will have no assigned roles
// in order to assign roles, call `permit.api.users.assignRole`
const { user } = await permit.api.users.sync({
  key: "auth0|elon",
  email: "elonmusk@tesla.com",
  first_name: "Elon",
  last_name: "Musk",
  attributes: {
    age: 50,
    favoriteColor: "red",
  },
});

Role Assignments

Assign a role to a user in a tenant

import { Permit } from "permitio";

const permit = new Permit({ token: "<YOUR_API_KEY>" });

const ra = await permit.api.users.assignRole({
  user: "auth0|elon",
  role: "viewer",
  tenant: "tesla",
});

Checking Permissions

import { Permit } from "permitio";

const permit = new Permit({ token: "<YOUR_API_KEY>" });

// in order to be permitted according to the RBAC policy, a few conditions must be met:
// 1) the user must exist in the permit system (you called sync user before)
// 2) the checked resource belongs to tenant X
// 3) the user has an assigned role in tenant X (the user must have at
// least one assigned role in the tenant that contains the resource)
// 4) the role assigned to the user must have the permission to perform
// the checked action on the checked resource
const permitted = await permit.check(
  // the user key
  "auth0|elon",
  // the action
  "create",
  // the resource
  {
    // the type of the resource (resource.key)
    type: "document",
    // the tenant that contains the resource
    tenant: "tesla",
  }
);

if (permitted) {
  console.log("permitted");
} else {
  console.log("denied");
}

Node.js SDK Examples

Init the SDK​

Resources​

Create a resource​

Update a resource​

List all resources​

Get a resource​

Error handling​

Roles​

Create a role​

Tenants​

Create a tenant​

Users​

Create or update a user (sync user)​

Role Assignments​

Assign a role to a user in a tenant​

Checking Permissions​

Contents

Init the SDK

Resources

Create a resource

Update a resource

List all resources

Get a resource

Error handling

Roles

Create a role

Tenants

Create a tenant

Users

Create or update a user (sync user)

Role Assignments

Assign a role to a user in a tenant

Checking Permissions