Hello! I want to model a permission where users are assigned custom roles that grant access to resources under a certain department. I'm trying to intersect the departments first and get member from the intersection result. However I'm getting

Expected end of statement or definition, found: TokenTypeRightArrow

. Is

(a & b)->c

not supported? Is there a workaround? Thanks in advance! This is the schema:

definition user {
}

definition department {
  /* not real members, just so that we can map back to user type */
  relation member: user:*
}

definition user_role {
  relation allowed_department: department
}

definition company {
  relation can_read_document_role: user_role

  permission can_read_document_role_department = can_read_document_role->allowed_department
}

definition document {
  relation company: company
  relation department: department

  /* allow read if the department matches the one from can_read_document_role */
  permission read = (department & company->can_read_document_role_department)->member
}