🔐 Zanzibar Authorization System

🧩 Problem

As the user base grew to 100,000+, the existing permission checks became a bottleneck, slowing down resource access across the CRM.

🏗 Architecture

• Google Zanzibar Model: Implemented a relationship-based access control (ReBAC) system.
• High Performance: Built with Go and gRPC for low-latency checks.
• Optimization: Replaced synchronous IPC with asynchronous messaging via RabbitMQ.

📊 Result

• 30% Latency Reduction: Faster resource access for all users.
• 50% Throughput Increase: Decoupled services handled higher load.
• Scalable: Ready for millions of relationships and objects.

Tech Stack

Go • gRPC • RabbitMQ • PostgreSQL • Redis

💻 Code Snippet

// CheckPermission implements the Zanzibar check API
func (s *Server) CheckPermission(ctx context.Context, req *pb.CheckRequest) (*pb.CheckResponse, error) {
    // Check cache first
    if allowed, hit := s.cache.Get(req); hit {
        return &pb.CheckResponse{Allowed: allowed}, nil
    }
    
    // Traverse the relation graph
    allowed, err := s.graph.Traverse(ctx, req.Subject, req.Relation, req.Object)
    if err != nil {
        return nil, err
    }
    
    // Async cache update
    go s.cache.Set(req, allowed)
    
    return &pb.CheckResponse{Allowed: allowed}, nil
}