I don't know why I originally used policy-based authorisation when there's already the role-based one that's built on top of the former, plus which is also designed for this exact use case. It would be good to swap over to that instead. I also believe that this would allow for a better dev experience for when we ultimately design a more complex authorisation matrix, as we can separate the domains of roles and policies better in the code.
Affected Functionality
This task will be a refactor. So it's a case of whether or not we break our authorisation.
I don't know why I originally used policy-based authorisation when there's already the role-based one that's built on top of the former, plus which is also designed for this exact use case. It would be good to swap over to that instead. I also believe that this would allow for a better dev experience for when we ultimately design a more complex authorisation matrix, as we can separate the domains of roles and policies better in the code.
Affected Functionality
This task will be a refactor. So it's a case of whether or not we break our authorisation.
Other Relevant Issues
Nada.