Open PieterKas opened 1 year ago
A simple "action" can either be an abstract reference by name, represented as a simple string - e.g. "GET", "READ", "DELETE". Or it can be expressed as a complex structure, describing a transaction function with arbitrary parameters and values. Example 1: Bank payout transaction with an amount and currency
subject = "bank customer A" , resource = "Bank Account 123"
Action = Payout-Transaction (amount = 500, currency = Eur, payee = "Bank Account 789")
Example 2: set the quota of a resource to "500 Gigabytes"
subject = "user B" , resource = "users home folder"
Action = set-quota (value = 500, unit = "GB")
The abstraction of an action could be defined as a "complex space described by attributes and/or bounding parameters".
https://github.com/SGNL-ai/authzapi/blob/5937da2ca3a3ed189bb066ce2f75c9bd5e0a380d/authorization-api-1_0.md?plain=1#L177C1-L177C1
It would be good to include details of how the extensibility might work.