Checking user permissions for an application or its features via SDK

When developing a web application, managing user access to different features or components based on their permissions is essential. The Peak SDK provides a streamlined way to check these permissions programmatically.

Initializing and using the User Client

To check whether a user can perform certain actions on an application or its features, first initialize the User Client with an authentication token. You can do this by creating a custom session with the user's own authentication token. Note that API_KEY cannot be used for this operation; use the user's Personal Access Token (PAT) or Bearer Token instead.

from peak import Session
from peak.resources import users

custom_session = Session(auth_token="<your_auth_token>")
user_client = users.get_client(session=custom_session)

feature_actions = {
    "FEATURE.SUBFEATURE": "write",
    "ANOTHER FEATURE.ANOTHER SUBFEATURE": "read",
}

permissions = user_client.check_permissions(feature_actions)

The check_permissions method takes a dictionary of feature paths and their corresponding actions. It returns a dictionary with the same keys as the input dictionary, and the value for each key is a boolean indicating whether the user has the permission to perform the given action on the given feature.

{
    "FEATURE.SUBFEATURE": True,
    "ANOTHER FEATURE.ANOTHER SUBFEATURE": False,
}

Integrating Permissions into your Application

With the check_permissions method, you can easily integrate user permissions into your application. For example, you can use it to enable or disable certain buttons or features based on the user’s permissions.

permissions = user_client.check_permissions(feature_actions)

if permissions["FEATURE.SUBFEATURE"]:
    # Enable the button
    pass
else:
    # Disable the button
    pass

This way, you can ensure that your application only shows the features that the user has permission to access.
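
Enabling or disabling a button only changes what is displayed, so the code that actually performs the action should repeat the check and deny on any lookup failure or unexpected result. The following is an added example, not part of the Peak SDK: PermissionDenied, authorize, is_allowed and StubUserClient are hypothetical names, and the stub stands in for the real User Client so the example runs offline.

```python
# Added example: fail-closed gate around check_permissions (not SDK code).
# PermissionDenied, authorize, is_allowed and StubUserClient are hypothetical.


class PermissionDenied(Exception):
    """Raised when a required feature/action pair is not granted."""


def authorize(user_client, required):
    """Return only if every pair in `required` comes back as boolean True.

    `required` has the shape the page passes to check_permissions,
    e.g. {"FEATURE.SUBFEATURE": "write"}.
    """
    try:
        result = user_client.check_permissions(required)
    except Exception as exc:
        # Lookup failure (expired token, network error): deny, never allow.
        raise PermissionDenied("permission lookup failed") from exc
    if not isinstance(result, dict):
        raise PermissionDenied("unexpected permission response")
    # A missing key or any value other than True counts as denied.
    denied = sorted(k for k in required if result.get(k) is not True)
    if denied:
        raise PermissionDenied("not permitted: " + ", ".join(denied))


def is_allowed(user_client, required):
    """Boolean form for UI toggles, with the same fail-closed rules."""
    try:
        authorize(user_client, required)
    except PermissionDenied:
        return False
    return True


class StubUserClient:
    """Constructed stand-in for the SDK User Client; runs offline."""

    def __init__(self, response=None, fail=False):
        self.response, self.fail = response, fail

    def check_permissions(self, feature_actions):
        if self.fail:
            raise RuntimeError("constructed lookup failure")
        return self.response
```

Call authorize in the request handler that performs the action, and use is_allowed when deciding what to render.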