https://authzed.com logo
#spicedb
Title
# spicedb
a

adriangalilea

03/11/2024, 5:18 PM
And it also becomes more "ergonomic" the more it grows:
Copy code
definition document {
    relation admin: user
    relation owner: user
    relation editor: user
    relation reader: user
    
    
    permission view = edit + reader
    permission edit = delete + editor
    permission delete = owner + admin
}
Assuming of course that anyone with deletion permission should have edit + view, which I think is a fair assumption, it's much more cleaner than:
Copy code
definition document {
    relation admin: user
    relation owner: user
    relation editor: user
    relation reader: user
    
    
    permission view = owner + admin + editor + reader
    permission edit = owner + admin + editor
    permission delete = owner + admin
}
It seems less error prone to me too