In this post, we'll show how to incrementally build complex authorization policies with oso, using GitHub's authorization model as an example.