[Feature Request] Add support for bitwise operators in access policies

[sanny-io]

Is your feature request related to a problem? Please describe.
I'm using bitflags for a permission system, but I can't tie that in with Zenstack's access policies without bitwise operators.

Describe the solution you'd like
The ability to use bitwise operators like &, |, ~, etc.

Describe alternatives you've considered
I've tried granting permissions as individual rows, but it's much more unwieldy compared to having all of the permissions encoded into a single column.

Additional context
Ideally, it would work with any numeric column type. Bitflags in particular can get quite large. I'm using BigInt

Also, I want to express my gratitude for the work you guys do. I just sponsored the project, but it wouldn't let me include a message to say thanks :<

Zenstack is awesome, and you are amazing maintainers!

[ymc9]

Hi @sanny-io , really appreciate your sponsorship. It means a lot to us! We're glad you've found ZenStack helpful.

As to this feature request, I agree it's a very nice ability to have. However, the hurdle is ZenStack's access policy engine works by translating the policy expressions into Prisma query filters (so the rules can be efficiently evaluated on the database side). Unfortunately Prisma doesn't support bitwise filter yet. There's a FR but there hasn't been any progress yet.

We're in the process of evaluating how ZenStack's next major version can address more flexibility issues like this one you proposed.