Ankit Khosla
09/23/2023, 12:49 PMJesum Yip
09/23/2023, 12:51 PMAndrew Haines (Cerbos)
custom
scope or similar. You could model it that the root scope policies grant all the permissions within the store, but the custom scope ones have deny rules to narrow the permissions of the staff to those granted by the store manager. An example of this sort of scoped setup is here.