hi folks, is there any meaningful way to explore relations more easily locally? debugging relations via zed is a bit tedious.

Is there a way we could make exploring with Zed less tedious, or is it that you'd like to explore via a UI?

the UI would be useful, as my biggest pain-point is exploring relations and their existence. take this for example:

definition document {
    relation rparent_unit: unit
    relation rbank_account: bank_account
    relation rstatus: document_status

    permission workspace_admin = rparent_unit->workspace_admin
    permission view_via_unit = workspace_admin + (rparent_unit->view & rstatus->view)
    permission view_via_unit_and_bank_account = workspace_admin + (rparent_unit->view & rbank_account->view & rstatus->view)
    permission delete = view_via_unit + view_via_unit_and_bank_account

    permission create_journal_entry = create_document
}

if I check this:

zed permission check document:daa9b9d8-dbc4-5542-b25d-70665504b862 view_via_unit user:6a131ce5-2424-4343-b591-4915e8f09fd1 --explain --endpoint 0.0.0.0:50051 --token somerandomtoken --insecure
9:44AM INF debugging requested on check
false
⨉ document:daa9b9d8-dbc4-5542-b25d-70665504b862 view_via_unit (3.81875ms)
└── ⨉ document:daa9b9d8-dbc4-5542-b25d-70665504b862 workspace_admin (3.004917ms)

it doesn't really tell me why. does it have a unit? my guess is not. and I need ages to figure out the right command/have to know the uuids up-front. that's the tedious part. if I could just ask spicedb to dump all relationships of a resource (of depth 1 would suffice) or just list all units for example, that would help tremendously!

You can definitely get all the relations of a resource. From zed's command line help:

Error: accepts between 1 and 3 arg(s), received 0
Usage:
  zed relationship read <resource_type:optional_resource_id> <optional_relation> <optional_subject_type:optional_subject_id#optional_subject_relation> [flags]

Flags:
      --consistency-at-exactly string   evaluate at the provided zedtoken
      --consistency-at-least string     evaluate at least as consistent as the provided zedtoken
      --consistency-full                evaluate at the newest zedtoken in the database
      --consistency-min-latency         evaluate at the zedtoken preferred by the database
  -h, --help                            help for read
      --json                            output as JSON
      --subject-filter string           optional subject filter

Global Flags:
      --certificate-path string     path to certificate authoriy used to verify secure connections
      --endpoint string             spicedb gRPC API endpoint
      --insecure                    connect over a plaintext connection
      --log-format string           format of logs ("auto", "console", "json") (default "auto")
      --log-level string            verbosity of logging ("trace", "debug", "info", "warn", "error") (default "info")
      --no-verify-ca                do not attempt to verify the server's certificate chain and host name
      --permissions-system string   permissions system to query
      --skip-version-check          if true, no version check is performed against the server
      --token string                token used to authenticate to SpiceDB