SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions.

SpiceDB

```
definition user {}

definition group {
    relation member: user | group#member
    permission membership = member
}

definition resource {
    relation inherit: resource

    relation reader: user | group#member
    relation writer: user | group#member
        relation noaccess: user

    permission read =  (reader + inherit->reader) - noaccess
    permission write = (writer + inherit->writer) - noaccess
}
```