Support persistence and reuse of warrant policies #145
Description
Is your feature request related to a problem? Please describe.
Currently, warrant policies can only be defined ad-hoc per warrant. This approach/implementation doesn't lend itself well to reuse of policies. For example, a developer might want to apply a company-wide internal user (employee) policy (e.g. user.email endsWith "@warrant.dev") and reuse it across multiple warrants (too many to manually update). With the current approach, each warrant using this policy would need to define the expression in the policy field. Later on, if the policy itself needs to be updated (e.g. policy is updated to user.email endsWith "@warrant.dev" && clientIP matches X.X.X.X), it would require a bulk update of warrants.
Describe the solution you'd like
Reusing policies will be easier if warrant policies are tracked separately, each policy is given a unique identifier (perhaps a function name), and one or more policies can be referenced in a warrant's policy field. Policies can then be independently updated and updates can be reflected across all warrants referencing the updated policy.
Describe alternatives you've considered
Currently, there is no alternative if you're looking to reuse the same policy expression(s) across warrants.
Additional context
Warrants should still support defining ad-hoc policies, but the underlying behavior should be to create a policy out of the ad-hoc expression and then reference the newly created policy in the persisted warrant.