by finnh 1881 days ago
The problem isn't the 30 lines, though. The problem is "millions of users, billions/trillions of objects" and both are non-hierarchical with pairwise sharing etc.

If the requirements were simple, the POSIX model would still work too :)


I agree. For my use case, once a user is authenticated, you get his roles and subscription. There's a limited number of features or actions for each object type, and a limited number of object types. So you can get the set of rules in the client to manage UI, and apply the same set of rules on the backend in the API. In this use case the authz calculation time will be the same with a million users and a billion objects.
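The shared rule set this comment describes, as an added illustration that is not code from either commenter: one JSON document of (role, object type, action, minimum subscription tier) rules is shipped to the client to drive the UI and loaded by the API to enforce the same decision. The roles, object types, actions and tiers are constructed; the check depends only on that tuple, not on per-object sharing, which is why it costs the same with a million users and a billion objects.

```python
import json

# Constructed rule set: role -> object_type -> action -> minimum subscription tier.
# The same JSON is sent to the client for UI decisions and loaded by the API.
RULES_JSON = json.dumps({
    "tiers": ["free", "pro", "enterprise"],
    "rules": {
        "viewer": {"report": {"read": "free"}},
        "editor": {"report": {"read": "free", "update": "pro"},
                   "dashboard": {"read": "free", "update": "pro", "export": "enterprise"}},
        "admin": {"report": {"read": "free", "update": "free", "delete": "pro"},
                  "dashboard": {"read": "free", "update": "free", "export": "pro", "delete": "pro"}},
    },
})


class RuleSet:
    def __init__(self, rules_json: str):
        doc = json.loads(rules_json)
        self.tier_rank = {t: i for i, t in enumerate(doc["tiers"])}
        self.rules = doc["rules"]

    def allowed(self, roles, tier, action, object_type) -> bool:
        # Cost depends only on the user's roles and the (object_type, action) pair,
        # never on how many users or objects exist.
        rank = self.tier_rank.get(tier, -1)
        for role in roles:
            needed = self.rules.get(role, {}).get(object_type, {}).get(action)
            if needed is not None and rank >= self.tier_rank[needed]:
                return True
        return False

    def permitted_actions(self, roles, tier, object_type):
        # What the client uses to decide which controls to render.
        actions = set()
        for role in roles:
            actions |= set(self.rules.get(role, {}).get(object_type, {}))
        return sorted(a for a in actions if self.allowed(roles, tier, a, object_type))


RULES = RuleSet(RULES_JSON)


def api_handler(user, action, object_type):
    # The backend re-applies the same rules; UI state from the client is never trusted.
    if not RULES.allowed(user["roles"], user["tier"], action, object_type):
        return 403, "forbidden"
    return 200, "ok"
```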