You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We expect that most public Actors can be migrated to limited permissions with minor, if any, adjustments.
44
+
We expect that most public Actors can be migrated to limited permissions with minor, if any, adjustments. The general prerequisite is to **update the Actor to use the latest [Apify SDK](https://docs.apify.com/sdk)**. To assess what, if anything, needs to change in your Actor, review the following:
45
+
46
+
- How your Actor uses storages: if it only writes to default storages, no changes needed.
47
+
- Whether it calls other Actors: targets must also use limited permissions.
48
+
- Whether it accesses user-provided storages: declare `resourceType` and `resourcePermissions` in `input_schema.json`.
49
+
- Whether it uses named storages: rename/recreate and migrate data to retain access under limited permissions.
50
+
- Whether it needs to know if the user is paying: use `APIFY_USER_IS_PAYING` or the SDK.
51
+
- Whether it needs the user's proxy password: use `APIFY_PROXY_PASSWORD` or the SDK.
47
52
48
-
The general prerequisite is to **update the Actor to use the latest [Apify SDK](https://docs.apify.com/sdk)**. Below you can read a guide that covers various, more advanced cases.
53
+
Once you have updated and [tested](#how-to-test-your-actor-with-limited-permissions-before-migrating) your Actor, you can change the permissions in the Actor settings. The setting will take immediate effect.
49
54
50
-
Once you have updated and [tested](#how-to-test-my-actor-with-limited-permissions-before-migrating) your Actor, you can change the permissions in the Actor setting. The setting will take immediate effect.
55
+
Below you can read a guide covering common migration paths for more advanced cases in greater detail.
51
56
52
57
### The Actor only pushes data to default storages
53
58
54
59
This is the most common and simplest use case. If your Actor only reads its input and writes results to its default dataset, key-value store, or request queue, **no changes are needed**. Limited permissions fully support this behavior out of the box.
55
60
56
-
## The Actor calls other Actors
61
+
###The Actor calls other Actors
57
62
58
63
An Actor with limited permissions can only call other Actors that also have limited permissions. If your Actor calls another one, you will need to ensure the target Actor has been migrated first.
59
64
60
-
## The Actor accesses storages provided by the user
65
+
###The Actor accesses storages provided by the user
61
66
62
67
If your Actor is designed to read from or write to a storage that the user provides via an input field, you must explicitly declare what access you need in Actor’s schema.
63
68
@@ -87,15 +92,15 @@ To support limited permissions, change it to this:
87
92
}
88
93
```
89
94
90
-
Now when the platform runs your Actor, it’ll automatically add the user provided storage the Actor’s scope so that it can access it.
95
+
Now when the platform runs your Actor, it’ll automatically add the user provided storage to the Actor’s scope so that it can access it.
91
96
92
97
:::info Backward compatibility
93
98
94
99
The user can provide the resource both via its name and its ID. If you have existing users with existing inputs that specify the resource via its name, this change to the input schema won’t break it.
95
100
96
101
:::
97
102
98
-
## The Actor accesses named storages
103
+
###The Actor accesses named storages
99
104
100
105
Actors sometimes use named storages for caching or persisting state across runs. With limited permissions, an Actor can create a named storage on its first run and will automatically retain access to it in all subsequent runs by the same user.
101
106
@@ -131,16 +136,16 @@ The goal here is to create the new storage **only once the Actor runs with limit
131
136
132
137
:::
133
138
134
-
**If the existing contents of the named storage is critical for your Actor to keep functioning for the existing users** (as in, you can’t afford removing the storage), reach out to us. We can discuss the available options.
139
+
If the existing contents of the named storage are critical for your Actor to keep functioning for the existing users and it is impossible, costly or highly impractical to migrate, contact support or reach out to us on the community forum. We can discuss the available options.
135
140
136
-
## The Actor needs to know whether the user is paying
141
+
###The Actor needs to know whether the user is paying
137
142
138
143
Some Actors have different logic for free and paying users. Previously you could retrieve this information by calling the `/users/me` API endpoint. However, Actors running under limited permissions don't have access to that endpoint, to get this information, your Actor should read the `APIFY_USER_IS_PAYING` environment variable, or directly use the SDK to obtain the value:
139
144
140
145
```ts
141
146
const { userIsPaying } =Actor.getEnv();
142
147
```
143
148
144
-
## The Actor uses proxy
149
+
###The Actor uses Proxy
145
150
146
-
Similarly, if your Actor needs the user's proxy password, it should get it from the `APIFY_PROXY_PASSWORD` environment variable instead of calling the `/users/me` endpoint, orpreferably just rely on the SDK to take care of the documentation.
151
+
Similarly, if your Actor uses [Proxy](../../../proxy/index.md) and needs to retrieve the user's proxy password, it should get it from the `APIFY_PROXY_PASSWORD` environment variable instead of calling the `/users/me` endpoint or, preferably, rely directly on the SDK to handle proxy configuration automatically.
0 commit comments