Merge pull request #120 from vtex-apps/hotfix/B2BTEAM-1487-remove-get…

…Roles-from-metrics fix: remove checkPermissions from metrics
vtex-apps · Nov 9, 2023 · 5d48722 · 5d48722
2 parents 67a498c + 7843b72
commit 5d48722
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 17 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [Unreleased]
 
+### Fixed
+
+- Remove get permissions from access audit metrics
+
 ## [1.37.0] - 2023-11-06
 
 ### Added

diff --git a/node/directives/auditAccess.ts b/node/directives/auditAccess.ts
@@ -3,7 +3,6 @@ import { defaultFieldResolver } from 'graphql'
 import { SchemaDirectiveVisitor } from 'graphql-tools'
 
 import sendAuthMetric, { AuthMetric } from '../metrics/auth'
-import { checkUserPermission } from '../resolvers/Queries/Users'
 
 export class AuditAccess extends SchemaDirectiveVisitor {
   public visitFieldDefinition(field: GraphQLField<any, any>) {
@@ -39,29 +38,13 @@ export class AuditAccess extends SchemaDirectiveVisitor {
     const hasStoreToken = !!storeUserAuthToken
     const hasApiToken = !!request.headers['vtex-api-apptoken']
 
-    let role
-    let permissions
-
-    if (hasAdminToken || hasStoreToken) {
-      const userPermissions = await checkUserPermission(
-        null,
-        { skipError: true },
-        context
-      )
-
-      role = userPermissions?.role?.slug
-      permissions = userPermissions?.permissions
-    }
-
     const authMetric = new AuthMetric(account, {
       caller,
       forwardedHost,
       hasAdminToken,
       hasApiToken,
       hasStoreToken,
       operation,
-      permissions,
-      role,
     })
 
     await sendAuthMetric(logger, authMetric)