not a subexpression
# spicedbj
Joey
10/16/2023, 8:23 PMnot a subexpression
s
snowdragon0417
10/16/2023, 8:27 PMThanks for the quick reply Joey! Two followup questions:
1. Is there any plan to support arrow over an subexpression (e.g. if the expression resolves to a single type)?
2. Is there a different way to model the permission I described?
j
Joey
10/16/2023, 8:30 PM1. unlikely, as it seems to break the Zanzibar model
Joey
10/16/2023, 8:31 PM2.
department->member & company->member_of_can_read_document_role_departmentJoey
10/16/2023, 8:31 PMor somesuch
Joey
10/16/2023, 8:31 PMor if it needs to be on the department itself
Joey
10/16/2023, 8:31 PMdepartment->some_combined_permissionss
snowdragon0417
10/16/2023, 8:35 PMTo clarify, the user doesn't need to be in the department to have the permission. As long as the department matches the user should have access. That's why I think some sort of department intersection is needed. Sorry I wasn't clear on this.
j
Joey
10/16/2023, 8:40 PMthe department matches... what though?
Joey
10/16/2023, 8:40 PMremember: the goal is to reach the user