These are a great addition and make the entity definitions self contained - great for documentation and making sure you don't forget to validate enforcement.
One additional one that would be useful is something like
EntityAuthorizeEntityValue(ClaimName, FieldName, EntitySetPermissions)
[Entity] [Sequence('SEQ_USER')] [Id('FId', TIdGenerator.IdentityOrSequence)] [EntityAuthorizeScopes('Administrator', EntitySetPermissionsAll)] EntityAuthorizeEntityValue('UserId', 'FId', [TEntitySetPermission.Modify]; TUser = Class private FId: Integer; FName: String; public property Id: Integer read FId write FId; property Name: String read FName write FName; end;
So an admin can do everything, but the user themselves can modify the data.
Or am I asking too much?