diff options
| author | mo khan <mo@mokhan.ca> | 2025-07-15 16:37:08 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-07-17 16:30:22 -0600 |
| commit | 45df4d0d9b577fecee798d672695fe24ff57fb1b (patch) | |
| tree | 1b99bf645035b58e0d6db08c7a83521f41f7a75b /vendor/tower-layer/README.md | |
| parent | f94f79608393d4ab127db63cc41668445ef6b243 (diff) | |
feat: migrate from Cedar to SpiceDB authorization system
This is a major architectural change that replaces the Cedar policy-based
authorization system with SpiceDB's relation-based authorization.
Key changes:
- Migrate from Rust to Go implementation
- Replace Cedar policies with SpiceDB schema and relationships
- Switch from envoy `ext_authz` with Cedar to SpiceDB permission checks
- Update build system and dependencies for Go ecosystem
- Maintain Envoy integration for external authorization
This change enables more flexible permission modeling through SpiceDB's
Google Zanzibar inspired relation-based system, supporting complex
hierarchical permissions that were difficult to express in Cedar.
Breaking change: Existing Cedar policies and Rust-based configuration
will no longer work and need to be migrated to SpiceDB schema.
Diffstat (limited to 'vendor/tower-layer/README.md')
| -rw-r--r-- | vendor/tower-layer/README.md | 43 |
1 files changed, 0 insertions, 43 deletions
diff --git a/vendor/tower-layer/README.md b/vendor/tower-layer/README.md deleted file mode 100644 index 48f9dbb7..00000000 --- a/vendor/tower-layer/README.md +++ /dev/null @@ -1,43 +0,0 @@ -# Tower Layer - -Decorates a [Tower] `Service`, transforming either the request or the response. - -[![Crates.io][crates-badge]][crates-url] -[![Documentation][docs-badge]][docs-url] -[![Documentation (master)][docs-master-badge]][docs-master-url] -[![MIT licensed][mit-badge]][mit-url] -[![Build Status][actions-badge]][actions-url] -[![Discord chat][discord-badge]][discord-url] - -[crates-badge]: https://img.shields.io/crates/v/tower-layer.svg -[crates-url]: https://crates.io/crates/tower-layer -[docs-badge]: https://docs.rs/tower-layer/badge.svg -[docs-url]: https://docs.rs/tower-layer -[docs-master-badge]: https://img.shields.io/badge/docs-master-blue -[docs-master-url]: https://tower-rs.github.io/tower/tower_layer -[mit-badge]: https://img.shields.io/badge/license-MIT-blue.svg -[mit-url]: LICENSE -[actions-badge]: https://github.com/tower-rs/tower/workflows/CI/badge.svg -[actions-url]:https://github.com/tower-rs/tower/actions?query=workflow%3ACI -[discord-badge]: https://img.shields.io/discord/500028886025895936?logo=discord&label=discord&logoColor=white -[discord-url]: https://discord.gg/EeF3cQw - -## Overview - -Often, many of the pieces needed for writing network applications can be -reused across multiple services. The `Layer` trait can be used to write -reusable components that can be applied to very different kinds of services; -for example, it can be applied to services operating on different protocols, -and to both the client and server side of a network transaction. - -## License - -This project is licensed under the [MIT license](LICENSE). - -### Contribution - -Unless you explicitly state otherwise, any contribution intentionally submitted -for inclusion in Tower by you, shall be licensed as MIT, without any additional -terms or conditions. - -[Tower]: https://crates.io/crates/tower
\ No newline at end of file |