You can, simply use the topazd.exe binary from the topaz_windows_x86_64.zip from the GH releases page (https://github.com/aserto-dev/topaz/releases). Note this is currently not a Windows Service, so not net start topaz. Let me know if that would be interesting.
In simple terms topaz brings a rebac data solution together with OPA, so you only have to create attribute based authorization rules when really needed, to compliment the relation authorization provided by the topaz directory.
The key objective is to build upon the existing cornerstones.
Note that this is not necessarily an effort to define yet another authorization architecture or runtime policy language. Instead, the WG will develop OpenID Foundation Final Specifications which leverage existing architectures and protocols as much as possible. Where appropriate, the WG intends to collaborate with international standards development organizations, such as ISO/IEC JTC 1, ITU-T, and IETF, for recognition of these OpenID Foundation specifications.
Technically names do not have to match, but it certainly makes it easier if you have a pattern to rely on when injecting authorization into a middleware layer.
Interested to understand how does this compares and relates to https://github.com/99designs/gqlgen. Especially in the area of type system, is this reflection based, materialized types?
So the idea is that you create a candidate set of resource keys from the permission system and join that with the external database and / or use it as a post filter?
You can create rules which take in to account that there is a temporary grant, you do need to account for that somewhere in the form of accessible state. This could be achieved using the tenant level resource state, which is immediately updated and can be referenced from the rego rule.
I find topic balancing and scaling up and down volumes related to that a royal challenge resulting in having to balance manually to remove/reduce resource bottlenecks.
This generates high-calorie syntactic sugar just to satisfy an itch.
Run the generated code through the golang-ci linter, which will barf on what is getting created, for example:
``` // Eliminates any 'unused variable' errors _, _, _, _ = err, fileContent, fileContentStrVersion, trimmedLines ```
golang is a procedural language. If you cannot deal with it, don't use it, but please stop polluting the ecosystem.