# spicedb
Been working on and off on a library for work that will integrate SpiceDB with Django ORM and permissions. I'll probably be able to open source it once it's ready. Here's the schema part: you write the schema as Python classes and then it can be exported to a SpiceDB schema. This should allow for statically checking references to permissions, and eventually allow for macros that tell the ORM how to update relations based on the data you are saving. Quick demo of the schema stuff, here's a schema in Python:
```python
from django_spicedb.perms.models import PermissionModel, Relation, Self


class User(PermissionModel):
    pass


class Organization(PermissionModel):
    admin = Relation(User)
    is_public = Relation(User, wildcard=True)
    member = Relation(User) | Relation(User, wildcard=True)
    read_all_docs = admin


class Folder(PermissionModel):
    org_parent = Relation(Self) | Relation(Organization)
    parent = Relation(Self)
    reader = Relation(User)

    read = reader + parent.read


class Document(PermissionModel):
    parent = Relation(Folder)
    reader = Relation(User)
    view = reader + parent.read_all_docs
```

and the schema it outputs:
```
definition user {
}

definition organization {
  relation admin: user
  relation is_public: user:*
  relation member: (user | user:*)

  permission read_all_docs = admin
}

definition folder {
  relation org_parent: (folder | organization)
  relation parent: folder
  relation reader: user

  permission read = (reader + parent->read)
}

definition document {
  relation parent: folder
  relation reader: user

  permission view = (reader + parent->read_all_docs)
}
```
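The static reference check mentioned in the post can be illustrated against the exported schema text. This is an added example, not part of the post or of the library it describes: `parse` and `dangling_arrows` are hypothetical names, the regex parser covers only the constructs in the output above, and treating an arrow as dangling when none of the relation's subject types defines the target is an assumption of this sketch.

```python
import re

# The exported schema from the post, blank lines removed.
SCHEMA = """\
definition user {
}
definition organization {
  relation admin: user
  relation is_public: user:*
  relation member: (user | user:*)
  permission read_all_docs = admin
}
definition folder {
  relation org_parent: (folder | organization)
  relation parent: folder
  relation reader: user
  permission read = (reader + parent->read)
}
definition document {
  relation parent: folder
  relation reader: user
  permission view = (reader + parent->read_all_docs)
}
"""

def parse(schema):
    """Return {definition: {"relation": {name: [subject types]}, "permission": {name: expr}}}."""
    defs = {}
    for name, body in re.findall(r"definition\s+(\w+)\s*\{(.*?)\}", schema, re.S):
        # Keep only the type name of each allowed subject (drops ":*" and "#rel").
        rels = {r: re.findall(r"(\w+)(?:[:#][\w*]+)?", types)
                for r, types in re.findall(r"relation\s+(\w+)\s*:\s*(.+)", body)}
        perms = dict(re.findall(r"permission\s+(\w+)\s*=\s*(.+)", body))
        defs[name] = {"relation": rels, "permission": perms}
    return defs

def dangling_arrows(defs):
    """List (definition, permission, 'rel->target') whose target exists on no subject type of rel."""
    problems = []
    for dname, d in defs.items():
        for pname, expr in d["permission"].items():
            for rel, target in re.findall(r"(\w+)\s*->\s*(\w+)", expr):
                subjects = d["relation"].get(rel, [])
                known = any(target in defs.get(s, {}).get(kind, {})
                            for s in subjects for kind in ("relation", "permission"))
                if not known:
                    problems.append((dname, pname, f"{rel}->{target}"))
    return problems
```

Run on the schema above, `dangling_arrows(parse(SCHEMA))` reports `document.view`: its `parent` is a `folder`, and `folder` defines `read` but no `read_all_docs`.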