How can I model below scenario, please help 1. We have roles and users. 2. Each user can have one or more roles 3. We have document which can be managed by user only if user has role which has permission to manage document. For this I have modeled this

definition user {}

definition document {
    relation document_manage: role#member
    permission manage_document = document_manage->member
}

definition role {
    relation member: user
}

See https://play.authzed.com/s/1un4WpSkjfz1/assertions Below relationship works only if I make an entry for doc1 in test relationship.

"document:doc1#document_manage@user:ron"

Basically what I want is any user who has dev role with manage_document permission should be able to access any document. What should I do in above schema to achieve this?