Warrant Changelog - December 2022
Happy holidays! This is our last product update of 2022 and we're excited to share more about what we've been up to leading into 2023:
Major updates to Java & Ruby SDKs
We've made some major updates to our Java and Ruby SDKs, bringing them up to par with all functionality supported by the Warrant APIs. This includes:
- All RBAC operations including role, permission, user assignment, removal and authz checks
- Pricing tiers (CRUD operations and authz checks)
- Features (CRUD operations and authz checks)
- New Java and Ruby types for Warrant objects and subjects to make creating, deleting and checking warrants easier and safer
Added support for wildcard (*) warrants
One access use-case that often comes up in SaaS and enterprise apps is the ability to grant full-access to all objects of a given type to a specific user. For example, you may want to grant user:123
the ability to edit
all reports
in a system. Until now, the only way to define this rule was by creating individual warrants for each and every report in the system or having to grant access through an intermediate object (like a role or permission). This isn't very scalable and requires creating and deleting multiple warrants every time a user or report is changed or created.
To make this much easier, we've introduced wildcard (*) warrants. With wildcard warrants, you can now define a single warrant that applies to all objects of a given objectType
in the system. Using the example from before, you can now grant user:123
editor
access to all reports (current and future) using one single warrant:
{
"objectType": "report",
"objectId": "*",
"relation": "editor",
"subject": {
"objectType": "user",
"objectId": "123"
}
}
You can read more about wildcard warrants here.
Performance improvements
Last but not least, we've made some significant performance improvements on the Warrant backend to improve overall query and write latencies, especially for RBAC operations. Users should see ~5-10% improvement overall and ~40% in certain write operations! We're also working on more improvements so users can expect even better performance early next year.