Happy holidays! This is our last product update of 2022 and we're excited to share more about what we've been up to leading into 2023:
Major updates to Java & Ruby SDKs
- All RBAC operations including role, permission, user assignment, removal and authz checks
- Pricing tiers (CRUD operations and authz checks)
- Features (CRUD operations and authz checks)
- New Java and Ruby types for Warrant objects and subjects to make creating, deleting and checking warrants easier and safer
Added support for wildcard (*) warrants
One access use-case that often comes up in SaaS and enterprise apps is the ability to grant full-access to all objects of a given type to a specific user. For example, you may want to grant
user:123 the ability to
all reports in a system. Until now, the only way to define this rule was by creating individual warrants for each and every report in the system or having to grant access through an intermediate object (like a role or permission). This isn't very scalable and requires creating and deleting multiple warrants every time a user or report is changed or created.
To make this much easier, we've introduced wildcard (*) warrants. With wildcard warrants, you can now define a single warrant that applies to all objects of a given
objectType in the system. Using the example from before, you can now grant
editor access to all reports (current and future) using one single warrant:
You can read more about wildcard warrants here.
Last but not least, we've made some significant performance improvements on the Warrant backend to improve overall query and write latencies, especially for RBAC operations. Users should see ~5-10% improvement overall and ~40% in certain write operations! We're also working on more improvements so users can expect even better performance early next year.