Shawn McGuire
02/15/2024, 8:15 PMAri Zellner
02/18/2024, 2:23 PMRinat Sharipov
02/20/2024, 11:55 AMRinat Sharipov
02/20/2024, 11:55 AMBenny O'Neill
02/20/2024, 3:44 PMOmer Malik
02/20/2024, 7:34 PMLuiz da Silva
02/22/2024, 10:12 PMpermit.api.users.get(userId.toString())
). I want to silently know if they don't exist by catching errors like err.response?.status *===* 404
, but it seems it still logs the error anyways. Is there a way to circumvent that or an "user exists" function?Omer Malik
02/27/2024, 1:32 AMSlackbot
02/28/2024, 4:38 AMKrishnaprasad M.
03/04/2024, 5:52 AMPieter Engelbrecht
03/07/2024, 11:46 AMMichaela Sekaninová
03/07/2024, 3:50 PMcheck
from Java sdk evaluates setup permissions successfully and user is allowed/denied correctly therefore the policy setup should be correct.
I assumed that calling getUserPermission (with userId only) should be sufficient to return all user permissions based on ReBAC configuration.
Am I missing something (e.g. getUserPermissions
needs more attributes than just userId) or this behavior is not supported?Tyler Queen
03/13/2024, 11:29 PMLuiz da Silva
03/14/2024, 12:10 AMMatteo Bortolazzo
03/14/2024, 4:23 PMPieter Engelbrecht
03/15/2024, 9:18 AMMiruna Encea
03/15/2024, 3:45 PMDavid Bono
03/18/2024, 6:11 PMPieter Engelbrecht
03/19/2024, 11:28 AMSean
03/19/2024, 6:50 PMGET /tenants/{tenantID}/customers
, which lists the customer names but without any actual data;
• Endpoint 2. we need to have an endpoint of GET /tenants/{tenantID}/customers/{customerID}
, which lists the actual data of the specific customer's actual data;
I think I understand how to implement the protection of Endpoint 2 with Permit.io for both role A and role B; but for Endpoint 1, how can I do the right thing to make sure role B does not see customers that he/she should not see?Tyler Queen
03/20/2024, 2:20 PMCameron Sechrist
03/20/2024, 8:25 PM{
"level": "error",
"ts": 1710965579.320337,
"caller": "enforcement/check.go:66",
"msg": "{\"detail\":\"OPA request timed out (url: <http://localhost:8181/v1/data/permit/root>, timeout: 1.0s)\"}",
"error": "ErrorCode: UnexpectedError, ErrorType: general_error, Message: An unexpected error happened.",
"stacktrace": "<http://github.com/permitio/permit-golang/pkg/enforcement.(*PermitEnforcer).parseResponse|github.com/permitio/permit-golang/pkg/enforcement.(*PermitEnforcer).parseResponse>\n\t/go/pkg/mod/github.com/permitio/permit-golang@v1.0.7/pkg/enforcement/check.go:66\ngithub.com/permitio/permit-golang/pkg/enforcement.(*PermitEnforcer).Check\n\t/go/pkg/mod/github.com/permitio/permit-golang@v1.0.7/pkg/enforcement/check.go:118\ngithub.com/permitio/permit-golang/pkg/permit.(*Client).Check\n\t/go/pkg/mod/github.com/permitio/permit-golang@v1.0.7/pkg/permit/permit.go:36\nhightide.com/backend/packages/core/auth.(*AuthContext).PermissionCheck\n\t/build/packages/core/auth/permission_check.go:40\nhightide.com/backend/services/objects_service/internal/servers.graphqlHandler.NewSchema.PermissionCheckDirective.func5\n\t/build/packages/core/strml_schemas/directives/permission_required.go:40\nhightide.com/backend/services/objects_service/internal/graph/generated.(*executionContext)._RecordValue_companyUser.func2.3\n\t/build/services/objects_service/internal/graph/generated/generated.go:37073\nhightide.com/backend/services/objects_service/internal/graph/generated.(*executionContext)._RecordValue_companyUser.func2\n\t/build/services/objects_service/internal/graph/generated/generated.go:37076\ngithub.com/99designs/gqlgen/graphql/executor.processExtensions.func4\n\t/go/pkg/mod/github.com/99designs/gqlgen@v0.17.44/graphql/executor/extensions.go:72\ngithub.com/99designs/gqlgen/graphql/executor.processExtensions.func8.1\n\t/go/pkg/mod/github.com/99designs/gqlgen@v0.17.44/graphql/executor/extensions.go:110\ngopkg.in/DataDog/dd-trace-go.v1/contrib/99designs/gqlgen.(*gqlTracer).InterceptField\n\t/go/pkg/mod/gopkg.in/!data!dog/dd-trace-go.v1@v1.60.1/contrib/99designs/gqlgen/tracer.go:160\ngithub.com/99designs/gqlgen/graphql/executor.processExtensions.func8\n\t/go/pkg/mod/github.com/99designs/gqlgen@v0.17.44/graphql/executor/extensions.go:109\nhightide.com/backend/services/objects_service/internal/graph/generated.(*executionContext)._RecordValue_companyUser\n\t/build/services/objects_service/internal/graph/generated/generated.go:37046\nhightide.com/backend/services/objects_service/internal/graph/generated.(*executionContext)._RecordValue.func7\n\t/build/services/objects_service/internal/graph/generated/generated.go:72132\nhightide.com/backend/services/objects_service/internal/graph/generated.(*executionContext)._RecordValue.func9\n\t/build/services/objects_service/internal/graph/generated/generated.go:72155\ngithub.com/99designs/gqlgen/graphql.(*FieldSet).Dispatch.func1\n\t/go/pkg/mod/github.com/99designs/gqlgen@v0.17.44/graphql/fieldset.go:50"
}
[4:14 PM] Any insight you might have would be super duper helpful!Pieter Engelbrecht
03/21/2024, 9:16 AMShiran Maor
03/22/2024, 8:59 PMRinat Sharipov
03/23/2024, 1:06 PMresource instances
into PDP
• does PDP container has integrations with caches/ databases where resource instances
can be stored
• what is the best option to upload resource instances
there, VIA api directly into permit cloud and then they will be fetched into PDP or I can upload them directly into PDP, if so, how ?
• can you please provide some documentation or videos about this topics ?Omer Malik
03/26/2024, 8:22 PMTyler Queen
03/26/2024, 8:24 PMBenny O'Neill
03/27/2024, 11:14 AMAndrii Kononenko
03/27/2024, 3:14 PMABAC
policies. I’ve heard that your API
can return boolean expressions
.
Does your .NET SDK
provide this API
, I was able to find one example but nothing in .NET SDK
allowedResources, err = permit.FilterObjects(user, action, requestContext, resourcesToCheck...)
Also I cannot figure it out how to add relationships in .NET SDK
I see this but it doesn’t help cause class appears to be empty
[GeneratedCode("NJsonSchema", "13.16.1.0 (NJsonSchema v10.7.2.0 (Newtonsoft.Json v13.0.0.0))")]
public class RelationsBlock
{
}
other examples demonstrate this
await permit.api.relationshipTuples.create({
subject: `account:harry`,
object: `plan:harry`,
relation: "parent",
tenant: "default",
})
appreciate your helpDavid Bono
03/27/2024, 3:39 PM