pdow
02/28/2023, 12:48 PMrelation can_access: user with ports_allowed
along with the ports_allowed caveat. When writing the relation at runtime, you write a port range into the context of that relation (store a minPort and maxPort or something like that) . The caveat then compares the stored port range and the accessedPort you pass in at query time
Unless I am misunderstanding how caveats work myself