SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions.

SpiceDB

Is there a better way to model this permission set?
```
permission none = (parent_cabinet->is_member & denied) - parent_cabinet->admin
    permission admin = parent_cabinet->admin + (parent_cabinet->is_member & (administrator - none))
    permission share = parent_cabinet->admin + (parent_cabinet->is_member & ((sharer + admin) - none))
    permission edit = parent_cabinet->is_member & (editor - none)
    permission view = parent_cabinet->admin + (parent_cabinet->is_member & ((viewer + editor + sharer + administrator) - none))
```

In our system, each "lower" permission is included in the upper permissions as well.  So someone with admin permissions automatically has view and share.  So we have to check all of them for each lower check.