Ankit Khosla09/23/2023, 12:49 PM
Jesum Yip09/23/2023, 12:51 PM
Andrew Haines (Cerbos)
scope or similar. You could model it that the root scope policies grant all the permissions within the store, but the custom scope ones have deny rules to narrow the permissions of the staff to those granted by the store manager. An example of this sort of scoped setup is here.