* Add prefix constants and use string builders / string concatinations
* Use cache for both streamed and non-stream versions of list objects
* Remove unused constants
* Create and use common ResourceInfo struct
* Add support for formatting group resource with subresource
* Add initial support for handling subresource
* Add test for checking subresource for generic resource
* Bump authlib
* Zanzana: Pass contextual tuples for authorization
* global reconciler for fixed roles
* inject tuples from global store
* fix adding contextual tuples
* cleanup
* don't error on auth context fail
* add todo
* add context for List
* add caching
* remove unused
* use constant for global namespace
* Rename global namespace to cluster namespace
* Zanzana: Handle renderer service authorization requests
* only add context if render service is authorizing
* use group and resource from API definitions
* check prefix instead of full identity
* fix AddRenderContext
* remove unused type
* add service account to the schema
* sync managed permissions for service accounts
* sync SA basic roles
* sync SA roles
* Fix endless loop in reconciler while read openfga
Remove create relation from generic resources.
We cant have a create relation to a resource because they don't exist yet. So
in oder to check create we either have to have that permissions on a folder or the namespace
* Move server init into server package
* map store name to id
* refactor model loading
* pass namespace into reconcilers and collectors
* refactor
* Extend authz server with Read and Write methods
* use new read/write in reconciler
* implement server side read and write
* Sync permissions for every org
* handle namespace in check and list
* split read and write
* provide conditions
* Fix client implementation
* fix nil conditions
* remove unused client code
* use lock for store access
* move type translators to common package
* fix folder collector
* fix store creation
* remove unused AuthorizationModelId
* fix server tests
* fix linter
* Remove collectors
* Remove zanzana search check, we need to rewrite that part to the new schema
* Only use generic resource schema and cleanup code we don't want to keep / need to re-write
* Rename to CheckObject
* Implement authz.AccessClient
* Move folder tree to reconciler and use new schema
* Move shared functionality to common package
* Add reconciler for managed permissions and resource translations
* Add support for folder resources
Misi
Ryan McKinley
Stephanie Hingtgen
Alexander Zobnin
Igor Suleymanov
Karl Persson
Karl Persson
Gabriel MABILLE
Zoltán Bedi