Description
As the structural complexity of web services increases, RBAC / ReBAC structure is often adopted for easy role and permission management. Our service is no exception. Since the need for many roles and permission management was anticipated, we decided to use ReBAC from an SSDLC-ish perspective from the initial planning stage and defined requirements such as Table-less role assignment, Role explosion, Hierarchical object graph, and Row-level access control. After checking the status of libraries in the existing Django ecosystem, we introduce the direction and implementation we approached each problem to satisfy the requirements defined above, and introduce the journey to create django-entity-rbac, an open-source library that solves them.