> the relation could be relation new_admin_dashboard_viewer
"Viewer" is already a matter of permission though: admins can "view and manage" the dashboard while non-admins can only "view", and we can imagine inactive users who can't do anything.
Feature flags in our system are applied on orgs, not users. Modelling it to be per-user is always going to be confusing for us: our developers writing permissions will want to express "this permission is given if the user is an admin and its org has the feature flag XXX enabled". That's not necessarily a dealbreaker but is less than ideal!
> A good way to think about what should be in SpiceDB or not is whether or not another (micro)service would ever want to also check for that relationship/permission.
Yes, our microservices do need to check permissions that are dependent on feature flags
> but it does require the extra relation back for the walk
Out of curiosity, is there a technical reason why the permission must express a set of paths ending on a user, rather than any set of paths at all?