I'm building a forum and want to implement role based permission system but don't want to specify permissions statically. I have database for sure. What do you suggest for implementing permission system ? In case you may wonder, I'm using axum as a web back end.
You might be interested in OPA (a policy engine) and OPAL (an administration layer built on top of OPA to support dynamic updates to OPA policy and data). The two together can be used to implement RBAC, ABAC, or some other form of access control. It's worth noting, however, that OPA + OPAL may be overkill depending on the complexity of your use case.
Also of potential interest: Netflix uses OPA and an in-house administration layer (that supposedly inspired OPAL) to implement authorization internally.