What we currently support:
- RBAC
- ACL
- Field level ignore with RBAC
What we are looking to support:
- HasOwnership is a function currently, is there a way we can extend that usage?
- ReBAC
- Owner field on models?
- query level authorization
- more complex cases / bunch of example docs?
Current interfaces:
```go
type ACL interface {
	// HasPermission checks if the authenticated user has permission to this resource
	HasPermission(ctx context.Context, resource string, resourceID any, permission Permission) bool
	// GrantPermissions grants []permissions to the authenticated user
	GrantPermissions(ctx context.Context, resource string, resourceID any, permissions []Permission) error
	// GetIDsWithReadPermission returns all ids that an authenticated user has list permission to for a resource.
	GetIDsWithReadPermission(ctx context.Context, resource string) []any
}
```
rbac
```go
type RBAC interface {
	// HasPermission checks if the authenticated user has permission to this resource
	HasPermission(ctx context.Context, resource string, permission Permission) bool
	// HasRole checks if the authenticated user has a role
	HasRole(ctx context.Context, role string) bool
}
```
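
An added illustration, not part of the issue or the project's code: a minimal in-memory type with the three ACL methods listed above, showing deny-by-default checks and how `GetIDsWithReadPermission` can supply the id set for a query-level filter. The `Permission` string type, the `userKey` context key, and the `MemoryACL` and `grant` names are assumptions.

```go
package main

import (
	"context"
	"fmt"
)

// Assumptions: the issue shows neither Permission nor how the user is carried.
type Permission string
type userKey struct{} // hypothetical context key holding the user id
type grant struct{ user, resource string; id any; perm Permission }

// MemoryACL is a hypothetical in-memory store; ids must be comparable values.
type MemoryACL struct{ grants map[grant]bool }

// HasPermission denies by default: no user or no matching grant means false.
func (a *MemoryACL) HasPermission(ctx context.Context, resource string, id any, p Permission) bool {
	u, _ := ctx.Value(userKey{}).(string)
	return u != "" && a.grants[grant{u, resource, id, p}]
}

func (a *MemoryACL) GrantPermissions(ctx context.Context, resource string, id any, ps []Permission) error {
	u, _ := ctx.Value(userKey{}).(string)
	if u == "" {
		return fmt.Errorf("acl: no authenticated user in context")
	}
	for _, p := range ps {
		a.grants[grant{u, resource, id, p}] = true
	}
	return nil
}

// GetIDsWithReadPermission returns the ids a list query can be restricted to.
func (a *MemoryACL) GetIDsWithReadPermission(ctx context.Context, resource string) (ids []any) {
	u, _ := ctx.Value(userKey{}).(string)
	for g := range a.grants { // grants never hold an empty user, so "" matches nothing
		if g.user == u && g.resource == resource && g.perm == "read" {
			ids = append(ids, g.id)
		}
	}
	return ids
}

func main() {
	ctx := context.WithValue(context.Background(), userKey{}, "alice") // constructed user
	acl := &MemoryACL{grants: map[grant]bool{}}
	_ = acl.GrantPermissions(ctx, "post", 1, []Permission{"read", "write"})
	fmt.Println(acl.GetIDsWithReadPermission(ctx, "post"))
}
```
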