From 91c788d9a28b73d5b42645690607a12e8fca225e Mon Sep 17 00:00:00 2001 From: gideonsmila Date: Mon, 23 Dec 2024 10:25:23 +0200 Subject: [PATCH] Make example more simple + add info about why to use getUserPermissionsWithOPA --- .../enforce-permissions/user-permissions.mdx | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/docs/how-to/enforce-permissions/user-permissions.mdx b/docs/how-to/enforce-permissions/user-permissions.mdx index 8ad045be..9cfe8bb8 100644 --- a/docs/how-to/enforce-permissions/user-permissions.mdx +++ b/docs/how-to/enforce-permissions/user-permissions.mdx @@ -163,10 +163,15 @@ UserPermissions permissions = permit.getUserPermissions( ## Get user permissions directly from opa -:::info Info +:::info Note This feature is not supported when using FactDB and should not be used with FactDB enabled on the PDP ::: +:::info Info +When experiencing high load, it may be more efficient to call the OPA engine directly from the SDK. +Please note that to enable this, you will need to expose the OPA port (8181). +::: + ```java import io.permit.sdk.Permit; import io.permit.sdk.PermitConfig; @@ -179,16 +184,9 @@ Permit permit = new Permit( new PermitConfig.Builder("[YOUR_API_KEY]").build() ); -Context context = new Context(); -context.put("enable_abac_user_permissions", new Boolean(true)); - UserPermissions permissions = permit.getUserPermissionsFromOPA( new GetUserPermissionsQuery( - User.fromString("john@doe.com"), // user key - null, // tenants filter is not required for ABAC - Arrays.asList("document", "__tenant"), // resource types is always required for ABAC, __tenants is required to not ignore RBAC-based permissions - null, // resources not required - context, + User.fromString("john@doe.com") ) );