SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions.

SpiceDB

we're running into something where using the platform pattern blows up certain `ListResources` requests. a toy schema:

```
definition user {}

definition platform {
  relation admin: user
  permission read_file = user
}

definition file {
  relation reader: user
  relation platform: platform
  permission read = user + platform->read_file
}
```

and we're writing a relation between every `file` in our system and our singleton `platform` object. for endpoints that make use of `ListResources`, they work fine for normal users, but when an admin calls the same endpoint, `ListResources` returns 70k ids and it falls over because it exceeds the gRPC deadline we set.

are we using the "platform" pattern wrong? is there another way to approach the problem? something we were kicking around was the idea of making our wrapping service call `CheckPermission` on the admin permission in parallel and return something different for an admin call, but handling that means more work for the callers that we were hoping to avoid