04/27/2023, 11:15 PM
Hi as a fan of the original zanzibar paper and really excited to see what you are doing, and someone that runs a service that requires various forms of access controlled query (both search and less fuzzy pure query) I've always been curious about how google approached this part of their system/paper: > in particular, a search index that respects access control and works across applications. Often the approach is to come up with some sort of indexible identifier like an ACL_ID(s) or use a natural key like a user, group or container_id which allows for rapid query but also may involve some bulk re-indexing if the access control relation changes dramatically especially through a relationship. I'm curious if you guys have any thoughts or docs on how folks do that with spicedb / authzed.