we're working on implementing "personas" in the context of spicedb and its schema. we chose to represent personas as a separate subject, and to define relations as potentially having either a user or persona subject:

definition site {
    relation accesses: user | persona

one of the constraints of personas is that a persona shouldn't grant access to an object that a user wouldn't otherwise have. the way we're currently approaching this is in calling logic, asking for

readPermissions

on both the persona and user and then returning the intersection of the results.