I'm working on EACL: http://github.com/theronic/eacl

EACL (Enterprise Access ControL) is a situated ReBAC authorization library based on SpiceDB, built in Clojure and backed by Datomic. EACL queries offer sub-millisecond query times and has replaced SpiceDB at work (CloudAfrica).

'Situated' here means that your permissions live _next_ to your data in Datomic, which avoids a network hop and avoids syncing to an external AuthZ system like SpiceDB, so all queries are fully consistent.

EACL is fast for typical workloads and is benchmarked against 800k permissioned entities. Once you need more scale or consistency semantics, you can sync your relationships from Datomic to SpiceDB 1-for-1 in near real-time because there is no impedance mismatch between EACL & SpiceDB.

Read the rationale for EACL here: https://eacl.dev/#why-was-eacl-built-the-problem-with-extern...

IMO, if you need fine-grained permissions, EACL is currently best-in-class for the Clojure ecosystem. EACL is especially suited to Electric Clojure applications and can be used to populate menus in real-time.

EACL would not have been possible to build solo in my spare time without modern AI models to rapidly implement specifications and test against human-written tests.

Here is a ~7-minute screen recording of EACL used from an Electric Clojure application for real-time ReBAC queries: https://x.com/PetrusTheron/status/1996344248925294773