> Can you create different roles for the different groups of users or are they all user defined? I'm not 100% sure what this is asking. I should be more clear, we have two types of roles, system roles and custom roles. System roles are

read

,

write

,

admin

, etc. They a set of permissions which GitHub decides and they cannot be changed. Your playground is an excellent example of how we can model those. The difficult situations come with custom roles. Orgs can have custom roles, which are roles that represent a collection of permissions that the org admins can hand-pick. So if a user has the

write

role on a repo, I can follow your playground and make a

write

role a relation on the

repository

definition. But if a user has a custom role, it's trickier. I can't write it directly into the schema like

write

because I don't know the permissions the custom role allows. The custom role can have permissions dynamically added and removed at the org admins' discretion.