Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SDK quickstart structure (done on NodeJS) #373

Merged
merged 18 commits into from
Jul 15, 2024
Merged
Show file tree
Hide file tree
Changes from 3 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 9 additions & 9 deletions docs/authentication/cognito/permit-integration.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -37,14 +37,14 @@ For example, many simple RBAC applications will have three roles: `admin`, `edit

:::

Setting up roles and resources can be done through the [Permit dashboard](https://app.permit.io/policy-editor/roles), by using the [Permit API](https://api.permit.io/v2/redoc#tag/Roles/operation/create_role), or [with one of our SDKs]( /sdk/sdks-overview).
Setting up roles and resources can be done through the [Permit dashboard](https://app.permit.io/policy-editor/roles), by using the [Permit API](https://api.permit.io/v2/redoc#tag/Roles/operation/create_role), or [with one of our SDKs](/sdk/sdks-overview).
You can also follow this [Permit RBAC guide](https://www.permit.io/blog/planning-app-rbac)

### 1.2. Create the right resources in Permit

Create a corresponding resource in Permit for each of your application's resources. For instance, if your app has a user management section, you will need a `user` resource with `create`, `delete`, and `get` actions. If you have a task management section, you need a `task` resource with `create`, `delete`, `get`, and `check` actions.

Setting up resources can be done through the [Permit dashboard](https://app.permit.io/policy-editor/resources), by using the [Permit API](https://api.permit.io/v2/redoc#tag/Roles/operation/create_resource), or [with one of our SDKs]( /sdk/sdks-overview).
Setting up resources can be done through the [Permit dashboard](https://app.permit.io/policy-editor/resources), by using the [Permit API](https://api.permit.io/v2/redoc#tag/Roles/operation/create_resource), or [with one of our SDKs](/sdk/sdks-overview).

### 1.3. Set up the right permissions in Permit.io:

Expand All @@ -71,12 +71,12 @@ Here we show an example of syncing the user if we see the code query parameter i
```js
// frontend/app.mjs
if (searchParams.get("code") !== null) {
//...
const syncUser = await fetch("api/sync", {
method: "POST",
headers: new Headers({ Authorization: `Bearer ${tokens.access_token}` }),
});
//...
//...
const syncUser = await fetch("api/sync", {
method: "POST",
headers: new Headers({ Authorization: `Bearer ${tokens.access_token}` }),
});
//...
}
```

Expand Down Expand Up @@ -197,4 +197,4 @@ Now revoke some of the permissions in the Permit dashboard and try to perform th
## 4. Next steps

- [Check out the demo app explanation](/authentication/cognito/cognito-demo-app)
- [For production use container / sidecar PDP](/sdk/nodejs/quickstart-nodejs/#2-setup-your-pdp-policy-decision-point-container)
- [For production use container / sidecar PDP](/sdk/nodejs/quickstart-nodejs)
4 changes: 1 addition & 3 deletions docs/sdk/nodejs/quickstart-nodejs.mdx
Original file line number Diff line number Diff line change
@@ -1,7 +1,5 @@
# NodeJS Quickstart

import IntroContent from "@site/docs/getting-started/_quickstart-parts/_quickstart_intro.mdx";
import NodeJSExample from "@site/docs/getting-started/_quickstart-parts/_quickstart_nodejs.mdx";
import NodeJSExample from "@site/docs/sdk/quickstart-by-language/quickstart-nodejs.mdx";

<IntroContent />
<NodeJSExample />
156 changes: 156 additions & 0 deletions docs/sdk/quickstart-by-language/quickstart-nodejs.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,156 @@
---
sidebar_position: 1
title: Permit NodeJS SDK
---

Working with the Permit.io Node.js SDK enables developers to seamlessly integrate robust authorization management into their
applications. This SDK simplifies the implementation of fine-grained access controls, whether you're managing user roles with
RBAC, policies with ABAC, or relationships with ReBAC.

:::note Prerequisites:
filipermit marked this conversation as resolved.
Show resolved Hide resolved
This tutorial is for users who have already set up at least one policy in Permit.io. If you haven't done so yet,
please refer to [this guide](/quickstart) first.
:::

## Adding the Permit.io Node SDK to your project

### 1. Install the Permit.io SDK

To start, you need to install the Permit.io SDK in your project. Open your terminal and run the following command:

```sh
npm install permitio
```

This will add the Permit.io SDK to your project, allowing you to integrate authorization management seamlessly.

### 2. Import the SDK into your code

After installing the SDK, you need to import it into your application.
filipermit marked this conversation as resolved.
Show resolved Hide resolved

### 3. Create a new Instance of the SDK

Next, create a new instance of the Permit SDK. You'll need a secret API key, which you can obtain by following the instructions
filipermit marked this conversation as resolved.
Show resolved Hide resolved
provided in the setup section of the Permit.io documentation.

```javascript
const permit = new Permit({
token: "[YOUR_API_KEY]",
pdp: "http://localhost:7766",
});
```

Replace "YOUR_API_KEY" with the actual API key you obtained. Find instructions how to fetch your API key here.
filipermit marked this conversation as resolved.
Show resolved Hide resolved

## The fundamental functionality - Checking for permissions

`permit.check()` is the fundamental SDK function that controls the enforcement in your application level code. It acts as a guard of who
filipermit marked this conversation as resolved.
Show resolved Hide resolved
can do what, based on the policy that you defined.

Each user, once his identity is verified by the authentication provider, gets issued a session. During this session, his unique id
obtained from the JWT (JSON Web Token), which is synced to Permit, maps to a specific role within the Policy.

Each role has a set of rules that were pre-defined, which a policy engine can understand, evaluate, and therefore return if the user
is permitted or not, based on the user id, action and resource passed into the SDK function.

You can run a permission check with permit.check(), passing in 3 arguments:

- `user`: a unique string id that identifies the user doing the action (and the currently logged in user).
- `action`: the action performed.
- `resource`: the resource (object) the action is performed on.

In the following example we are checking that a user with the unique id `john@smith.com` can `read` a `document`.

filipermit marked this conversation as resolved.
Show resolved Hide resolved
```javascript
const permitted = await permit.check("john@permit.io", "read", "document");

if (permitted) {
console.log("John is PERMITTED to read a document");
} else {
console.log("John is NOT PERMITTED to read a document");
}
```

## Other basic functionality with the SDK
filipermit marked this conversation as resolved.
Show resolved Hide resolved

In this quickstart, we'll introduce you to some core Permit.io functionality using the SDK. As you'll see, the SDK is designed to
filipermit marked this conversation as resolved.
Show resolved Hide resolved
be simple and logical, making it easy to develop and manage policies.

### Creating a resource

A resource is the fundamental building block of a policy. It's what the user can interact with. It could be a 'document', a 'building'
or even a 'patient health record'.

```javascript
await permit.api.resource.create({
filipermit marked this conversation as resolved.
Show resolved Hide resolved
key: "repository",
name: "Repository",
actions: {
clone: {},
push: {},
view: {},
},
});
```

### Creating a new role with permissions

A role defines a set of resources and the specific actions a user can perform on those resources. A user can only perform these
actions if they have been assigned the corresponding role.

````javascript
await permit.api.roles.create({
key: "manager",
name: "Manager",
permissions: [
"repository:clone",
"repository:view",
],
});```
````

### Assigning a role
filipermit marked this conversation as resolved.
Show resolved Hide resolved

A role assignment, as the name suggests, assigns a specific role with defined permissions to a user identity. This role assignment
is specific to a particular tenant.

```javascript
await permit.api.roleAssignments.assign({
user,
role,
tenant: "default",
});
```

## Working with the basic SDK functionality

For a comprehensive overview of basic SDK functionality, please refer to the essential list of SDK functions available
filipermit marked this conversation as resolved.
Show resolved Hide resolved
[here](/category/nodejs).

filipermit marked this conversation as resolved.
Show resolved Hide resolved
## Working with the full SDK specification

As part of your IDE (Integrated Development Environment), we highly suggest that you install an extension (such as **Tabnine** or
filipermit marked this conversation as resolved.
Show resolved Hide resolved
**GitHub Copilot**) that offers IntelliSense capabilities. With that setup, it will greatly improve your workflow by auto-suggesting
the available functions you might need as part of the implementation you are working on, allowing you to quickly learn and experience
the whole SDK.

<img src="/ui-videos/sdk/intellisense.png" alt="Auto suggested function" data-zoomable />

IntelliSense provides intelligent code completion, parameter info, quick info, and member lists. This makes it incredibly useful for
SDK discovery and usage for several reasons:

- `Enhanced Productivity`: IntelliSense reduces the amount of time spent typing and searching for function names or documentation.
It auto-completes code snippets and suggests the next steps, speeding up the development process.

- `Error Reduction`: By suggesting correct function names and parameters, IntelliSense helps avoid common typos and syntax errors,
ensuring that your code runs smoothly.

- `Learning Aid`: IntelliSense acts as an interactive guide, showing you available methods and properties as you type. This is especially
beneficial when working with a new SDK, as it helps you explore and understand the SDK's capabilities without constantly referring to
external documentation.

- `Contextual Awareness`: IntelliSense provides suggestions based on the current context of your code, making it easier to find relevant
functions and methods quickly. This contextual awareness streamlines coding, particularly in complex projects with multiple SDKs.
- `Comprehensive Documentation`: Integrated documentation snippets and parameter information make it easier to understand what each
function does and how to use it effectively. This immediate access to information enhances comprehension and implementation
efficiency.
filipermit marked this conversation as resolved.
Show resolved Hide resolved
Binary file added static/ui-videos/sdk/intellisense.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.