Description
To improve the policy-engine performance, the evaluation should attempt resource-match only after verifying that the policy can possibly make the decision for the user/groups/access-type in the request. This optimization should be done only after "isAudited" flag is determined - as audit depends only on resource-match (and not the user/groups/access-type match).