This is the practice of keeping access control rules out of business logic code. Oso promotes this separation by allowing policies to live in .polar files, which can be independently reviewed, tested, and maintained.
.polar