# spicedb


05/10/2022, 10:58 PM
Just wanted to check if I am doing this right . So I have a schema for a resource:
Copy code
definition alert {
    relation company: company
        relation user: user

    permission update_alert = user
    permission delete_alert = company
    permission get_alert = company
    permission get_metric_alert_history = company
The use case is that anyone in the company can delete an alert , get alert details and get alert history. However, only the user that created the alert can update it. Does this mean that when an alert is created I need to create two sets of permissions: One with the company and another one with the user? Is there a better way to write the schema?