Story 2.3: Core RBAC Engine
| Field | Value |
|---|---|
| Story Points | 13 |
| Sprint | Sprint 4-5 |
User Story
As a Developer
I want a centralized RBAC engine
So that all services can enforce consistent access control
Key Features
- Permission checking with
<5mslatency (cached) - Role hierarchy support (inherits parent permissions)
- Module + Action + Data level checks
- Wildcard permissions (fee.* = all fee actions)
- Permission caching with Redis
- gRPC interface for microservices