|
1 | | -# Permit.io client for Java |
| 1 | +# Java SDK for Permit.io |
2 | 2 |
|
3 | | -Java client library for the Permit.io full-stack permissions platform. |
| 3 | +Java SDK for interacting with the Permit.io full-stack permissions platform. |
4 | 4 |
|
| 5 | +## Overview |
| 6 | + |
| 7 | +This guide will walk you through the steps of installing the Permit.io Java SDK and integrating it into your code. |
| 8 | + |
| 9 | +## Installation |
| 10 | + |
| 11 | +For [Maven](https://maven.apache.org/) projects, use: |
| 12 | +```xml |
| 13 | +<dependency> |
| 14 | + <groupId>io.permit</groupId> |
| 15 | + <artifactId>permit-sdk-java</artifactId> |
| 16 | + <version>1.0.0-RC</version> |
| 17 | +</dependency> |
| 18 | +``` |
| 19 | + |
| 20 | +For [Gradle](https://gradle.org/) projects, configure `permit-sdk-java` as a dependency in your `build.gradle` file: |
| 21 | +```groovy |
| 22 | +dependencies { |
| 23 | + // ... |
| 24 | +
|
| 25 | + implementation 'io.permit:permit-sdk-java:1.0.0-RC' |
| 26 | +} |
| 27 | +``` |
| 28 | + |
| 29 | +## Usage |
| 30 | + |
| 31 | +### Initializing the SDK |
| 32 | +To init the SDK, you need to create a new Permit client with the API key you got from the Permit.io dashboard. |
| 33 | + |
| 34 | +First we will create a new `PermitConfig` object so we can pass it to the Permit client. |
| 35 | + |
| 36 | +Second, we will create a new `Permit` client with the `PermitConfig` object we created. |
| 37 | + |
| 38 | +```java |
| 39 | +import io.permit.sdk.Permit; |
| 40 | +import io.permit.sdk.PermitConfig; |
| 41 | + |
| 42 | +// This line initializes the SDK and connects your Java app |
| 43 | +// to the Permit.io PDP container you've set up in the previous step. |
| 44 | +Permit permit = new Permit( |
| 45 | + new PermitConfig.Builder("[YOUR_API_KEY]") |
| 46 | + // in production, you might need to change this url to fit your deployment |
| 47 | + .withPdpAddress("http://localhost:7766") |
| 48 | + // optionally, if you wish to get more debug messages to your log, set this to true |
| 49 | + .withDebugMode(false) |
| 50 | + .build() |
| 51 | + ); |
| 52 | +``` |
| 53 | + |
| 54 | +### Checking permissions |
| 55 | +To check permissions using our `permit.check()` method, you will have to create User and Resource models as input to the permission check. |
| 56 | +The models are located in `` |
| 57 | + |
| 58 | +Follow the example below: |
| 59 | + |
| 60 | +```java |
| 61 | +import io.permit.sdk.enforcement.Resource; |
| 62 | +import io.permit.sdk.enforcement.User; |
| 63 | +import io.permit.sdk.Permit; |
| 64 | + |
| 65 | +boolean permitted = permit.check( |
| 66 | + // building the user object using User.fromString() |
| 67 | + // the user key (this is the unique identifier of the user in the permission system). |
| 68 | + User.fromString("[USER KEY]"), |
| 69 | + // the action key (string) |
| 70 | + "create", |
| 71 | + // the resource object, can be initialized from string if the "default" tenant is used. |
| 72 | + Resource.fromString("document") |
| 73 | +); |
| 74 | + |
| 75 | +if (permitted) { |
| 76 | + System.out.println("User is PERMITTED to create a document in the 'default' tenant"); |
| 77 | +} else { |
| 78 | + System.out.println("User is NOT PERMITTED to create a document in the 'default' tenant"); |
| 79 | +} |
| 80 | +``` |
| 81 | + |
| 82 | +A more complicated example (passing attributes on the user object, using an explicit tenant in the resource): |
| 83 | +```java |
| 84 | +import io.permit.sdk.enforcement.Resource; |
| 85 | +import io.permit.sdk.enforcement.User; |
| 86 | +import java.util.HashMap; |
| 87 | + |
| 88 | + |
| 89 | +HashMap<String, Object> userAttributes = new HashMap<>(); |
| 90 | +userAttributes.put("age", Integer.valueOf(20)); |
| 91 | +userAttributes.put("favorite_color", "yellow"); |
| 92 | + |
| 93 | +boolean permitted = permit.check( |
| 94 | + // building the user object using the User.Builder class |
| 95 | + new User.Builder("[USER KEY]").withAttributes(userAttributes).build(), |
| 96 | + // the action key (string) |
| 97 | + "create", |
| 98 | + // building the resource object using the Resource.Builder in order to pass an explicit tenant key: "awesome-inc" |
| 99 | + new Resource.Builder("document").withTenant("awesome-inc").build() |
| 100 | +); |
| 101 | + |
| 102 | +if (permitted) { |
| 103 | + System.out.println("User is PERMITTED to create a document in the 'awesome-inc' tenant"); |
| 104 | +} else { |
| 105 | + System.out.println("User is NOT PERMITTED to create a document in the 'awesome-inc' tenant"); |
| 106 | +} |
| 107 | +``` |
| 108 | + |
| 109 | +### Syncing users |
| 110 | +When the user first logins, and after you check if he authenticated successfully (i.e: **by checking the JWT access token**) - |
| 111 | +you need to declare the user in the permission system so you can run `permit.check()` on that user. |
| 112 | + |
| 113 | +To declare (or "sync") a user in the Permit.io API, use the `permit.api.users.sync()` method. |
| 114 | + |
| 115 | +Follow the example below: |
| 116 | +```java |
| 117 | +import io.permit.sdk.api.models.CreateOrUpdateResult; |
| 118 | +import io.permit.sdk.enforcement.User; |
| 119 | + |
| 120 | +HashMap<String, Object> userAttributes = new HashMap<>(); |
| 121 | +userAttributes.put("age", Integer.valueOf(50)); |
| 122 | +userAttributes.put("fav_color", "red"); |
| 123 | + |
| 124 | +CreateOrUpdateResult<UserRead> result = permit.api.users.sync( |
| 125 | + (new User.Builder("auth0|elon")) |
| 126 | + .withEmail("elonmusk@tesla.com") |
| 127 | + .withFirstName("Elon") |
| 128 | + .withLastName("Musk") |
| 129 | + .withAttributes(userAttributes) |
| 130 | + .build() |
| 131 | +); |
| 132 | +UserRead user = result.getResult(); |
| 133 | +assertTrue(result.wasCreated()); |
| 134 | +``` |
| 135 | + |
| 136 | +Most params to UserCreates are optional, and only the unique user key is needed. This is valid: |
| 137 | + |
| 138 | +```java |
| 139 | +CreateOrUpdateResult<UserRead> result = permit.api.users.sync(new UserCreate("[USER KEY]")); |
| 140 | +``` |
0 commit comments