SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions.

SpiceDB

Just wanted to check if I am doing this right . So I have a schema for a resource:
`
definition alert {
    relation company: company
        relation user: user

    permission update_alert = user
    permission delete_alert = company
    permission get_alert = company
    permission get_metric_alert_history = company
}
`

The use case is that anyone in the company can delete an alert , get alert details and get alert history. However, only the user that created the alert can update it. Does this mean that when an alert is created I need to create two sets of permissions: One with the company and another one with the user? Is there a better way to write the schema?