Create an `Any` resource that matches any model

[anasbarg]

This will make many things easier. Suppose you want to create an Admin role that has access to everything, or maybe allow access to everything from the global role to use denys instead of allows (switch to blacklisting since the default is whitelisting).

[m-tabaza]

Just to clarify a little bit, this can be done already for model fields (by not specifying a field in the resource.) But the focus is on models, since there's no 'catch all' case for them.

I think maybe Any would be a better identifier than *.

[anasbarg]

Just to clarify a little bit, this can be done already for model fields (by not specifying a field in the resource.) But the focus is on models, since there's no 'catch all' case for them.

I think maybe Any would be a better identifier than *.

Yes, but Any should be like a resource that matches anything (fields and models). For example, if I need to allow everything, I can do this

allow ALL Any

or maybe I want to allow reads on everything:

allow READ Any

or maybe I want to allow MUTATE on every list field or non-primitive field

allow MUTATE Any

same for PUSH_TO and REMOVE_FROM

Also, checkout #65 because I think it's related to this issue.