Checking user permissions for an application or its features via SDK
When developing a web application, managing user access to different features or components based on their permissions is essential. The Peak SDK provides a streamlined way to check these permissions programmatically.
Initializing and using the User Client
To check if a user has access to perform certain actions on an application or its features, you first need to initialize the User Client with an authentication token. You can do this by creating a custom session with the correct authentication token of the user. Note that API_KEY
cannot be used in this operation, instead, a user’s Personal Access Token (PAT)
or Bearer Token
should be used.
from peak import Session
from peak.resources import users
custom_session = Session(auth_token="<your_auth_token>")
user_client = users.get_client(session=custom_session)
feature_actions = {
"FEATURE.SUBFEATURE": "write",
"ANOTHER FEATURE.ANOTHER SUBFEATURE": "read",
}
permissions = user_client.check_permissions(feature_actions)
The check_permissions
method takes a dictionary of feature paths and their corresponding actions. It returns a dictionary with the same keys as the input dictionary, and the value for each key is a boolean indicating whether the user has the permission to perform the given action on the given feature.
{
"FEATURE.SUBFEATURE": True,
"ANOTHER FEATURE.ANOTHER SUBFEATURE": False,
}
Integrating Permissions into your Application
With the check_permissions
method, you can easily integrate user permissions into your application. For example, you can use it to enable or disable certain buttons or features based on the user’s permissions.
permissions = user_client.check_permissions(feature_actions)
if permissions["FEATURE.SUBFEATURE"]:
# Enable the button
pass
else:
# Disable the button
pass
This way, you can ensure that your application only shows the features that the user has permission to access.