Hello all. A question since I feel that I may be m...
# spicedb
Hello all. A question since I feel that I may be missing something. Is there support for checking a relationship/permission of a subject for all resources of a specific type or resources that do not yet exist? To be more specific: Let's assume that we have a resource definition of type "document". I want to model a relationship/permission of "can_create", i.e. depicting whether a user can indeed create a new resource of that type. I do have roles, to which the user has been assigned to, and those roles are depicted in spicedb as different resources already. When performing something like:
zed permission check "scenario/case:*" "can_create" "user:user_a"
, I get an error stating that the ObjectId should be alphanumeric. In a different approach, I explicitly define a new resource type named "action" like:
Copy code
definition action {
    relation allowed: user:*
Then by adding a new relationship like: works as expected. In such approach though I seem to be missing a way to add a permission checking another permission for granting access, i.e. a user is a member of a role