Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage.

Cerbos Community

Hi Community, I recently went through the e-book and found it amazing. I am designing the Authz in my org and I was taking the approach where I have list of permissions that are the same as the actions that can be performed on various resources. for example, I store, `user:create`, `user:delete`  `user.update` etc and such permissions for various resources. Here `user` is the resource. I store those in permission table and then allow the users to create the custom roles where they create the role and select the permissions present in the permissions drop-down. So here the role is basically the collection of the related permissions. Then user can assign that role to a group or an individual user. After that when user logs in and try to access the resource then PDP will check if the user has specific permission. This only checks for `allow` effect and this is how I am designing it.  In case of Cerobs what I am unsure is, how the user can create the custom roles and how the Ui/UX would look like. can anyone throw some light on it?