Bryan12/04/2021, 3:17 AM
, etc. They a set of permissions which GitHub decides and they cannot be changed. Your playground is an excellent example of how we can model those. The difficult situations come with custom roles. Orgs can have custom roles, which are roles that represent a collection of permissions that the org admins can hand-pick. So if a user has the
role on a repo, I can follow your playground and make a
role a relation on the
definition. But if a user has a custom role, it's trickier. I can't write it directly into the schema like
because I don't know the permissions the custom role allows. The custom role can have permissions dynamically added and removed at the org admins' discretion.