So one issue that came up with this solution is th...
# spicedb
So one issue that came up with this solution is that we want the role to apply for all team members which should include team maintainers as well. Adding
relation member: github/user | github/team#member
only covers the team members but not the team maintainers, who should also be considered members. The way we’ve been working with team membership as being inclusive of members and maintainers is with a permission on the team object which is
permission membership = maintainer + member
. I realize we could grant the role to the team maintainers in addition to the members via
, but that doesn’t feel quite right. I’m wondering if there is a way we can adjust the team
relation to include the
relation for the same team and get this to work. I added an assertion to our playground for a team maintainer which is currently failing to illustrate this