From b9f3d411ac816f7c645b34baf6438d8836ccfdd8 Mon Sep 17 00:00:00 2001
From: Rudge <rudgee@gmail.com>
Date: Thu, 9 Nov 2023 10:02:55 -0300
Subject: [PATCH 1/2] fix: remove checkPermissions from metrics

- It calls the saveRole and saveJson in VBase
---
 node/directives/auditAccess.ts | 17 -----------------
 1 file changed, 17 deletions(-)

diff --git a/node/directives/auditAccess.ts b/node/directives/auditAccess.ts
index b6a6c8f..4d14433 100644
--- a/node/directives/auditAccess.ts
+++ b/node/directives/auditAccess.ts
@@ -3,7 +3,6 @@ import { defaultFieldResolver } from 'graphql'
 import { SchemaDirectiveVisitor } from 'graphql-tools'
 
 import sendAuthMetric, { AuthMetric } from '../metrics/auth'
-import { checkUserPermission } from '../resolvers/Queries/Users'
 
 export class AuditAccess extends SchemaDirectiveVisitor {
   public visitFieldDefinition(field: GraphQLField<any, any>) {
@@ -39,20 +38,6 @@ export class AuditAccess extends SchemaDirectiveVisitor {
     const hasStoreToken = !!storeUserAuthToken
     const hasApiToken = !!request.headers['vtex-api-apptoken']
 
-    let role
-    let permissions
-
-    if (hasAdminToken || hasStoreToken) {
-      const userPermissions = await checkUserPermission(
-        null,
-        { skipError: true },
-        context
-      )
-
-      role = userPermissions?.role?.slug
-      permissions = userPermissions?.permissions
-    }
-
     const authMetric = new AuthMetric(account, {
       caller,
       forwardedHost,
@@ -60,8 +45,6 @@ export class AuditAccess extends SchemaDirectiveVisitor {
       hasApiToken,
       hasStoreToken,
       operation,
-      permissions,
-      role,
     })
 
     await sendAuthMetric(logger, authMetric)

From 7843b7287fba5d30fafe5c9e9c3a1e6e07526790 Mon Sep 17 00:00:00 2001
From: Rudge <rudgee@gmail.com>
Date: Thu, 9 Nov 2023 10:08:46 -0300
Subject: [PATCH 2/2] chore: update changelog

---
 CHANGELOG.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index c1f685c..52258fe 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [Unreleased]
 
+### Fixed
+
+- Remove get permissions from access audit metrics
+
 ## [1.37.0] - 2023-11-06
 
 ### Added