SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions.

SpiceDB

I currently have roles of users stored in my psql table now I want to use spiceDB, so should I duplicate my roles data to spiceDB or just move my data to spiceDB and then query spice DB whenever I need to get roles of some user(s)?

The answer is _it depends_. Most likely you also store additional metadata about the roles that SpiceDB won't be able to store, thus making it unpractical to become the source of truth. The alternative is to make SpiceDB a "copy" or denormalization of the source of truth in your pSQL.

i have one more question

here is my schema

definition user {
    relation belongs_to: organization
    
    permission delete = belongs_to->delete_user
    permission make_admin = belongs_to->make_admin
    permission make_member = belongs_to->make_member
}

definition organization {
    relation member: user
    relation admin: user

    permission delete_user = admin
    permission make_admin = admin
    permission make_member = admin
}



currently only admin can delete any user but i want that user can also delete itself only, how to make that happen?

You'd add a `self` relation, and write a relationship from the user to itself.

See an example: https://play.authzed.com/s/oMY6CUnMhVut/schema