Open
Description
- Add invariant that users cant review their own requests. To do that add a default that User.name != "self"?
- Model invariant that a static policy can't be escaped -
if you got policy "a" and got policy "b" approved, you get both "a" and "b" in policy set - Model reviews where reviewer is authorized and reviews
just a part of access request (partial approval) - Model search_as access requests and resource based access requests.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Metadata
Assignees
Labels
No labels