Lately I’ve been trying to figure some figure out some new ways to define declarative security constraints to web resources. Here’s the a use case that popped into my head a while back: suppose you have a service to access…