Current authorization model in Atlas supports policies at the level of operations - like which users/groups can create/update/delete of types/classifications/entities.
This model needs to be enhanced/replaced to support more finer level of control - for example:
- control operations on entity instances based on entity-type/entity-classification/entity-id
- users/groups allowed to create/update/delete entities, add/update/remove classifications on entities, what classifications users are allowed to add/update/remove, etc
- control operations on types based on type-name/type-category
- users/groups allowed to create/update/delete classifications, relationships, etc
- control access to admin operations - like import/export