IRONSCALES interview question

How would you design granular permissions