I've got a schema that looks something like this: ...
# spicedb
I've got a schema that looks something like this:
Copy code
definition user {
  relation persona: user

definition thing {
  relation reader: user
  relation writer: user
  permission read: reader + writer
  permission write: writer
the "persona" notion is that a user may have personas which only have access to some subset of the things which the user can see. the concrete use case is a salesperson with access to many things showing a prospective customer what it looks like to be a user in the system with various levels of privilege. it seems like this model should suffice. however, one of my coworkers asked me whether it's possible to get a list of all personas with read access on a thing, and then get a list of all nonpersona users with read access on a thing. it''d be filtering on whether a given user has a persona relation pointing at it. is there a way to express this in a
request? if not, is there a better way of asking the question, or of modeling this such that that question is answerable? we could theoretically move the question outside of spicedb by having a naming convention for "persona" users vs normal users and then doing a string filter on the output of a Read request, but i'm wondering if there's another way of approaching it.