jbvdmerwe
03/11/2025, 1:46 PM
```
definition user {}
definition group {
    relation parent: group
    relation editor: user
    permission view = parent + parent->view
    permission edit = editor + parent->edit
}
```
And these relationships:
```
group:GroupB#parent@group:GroupA
group:GroupC#parent@group:GroupB
group:GroupD#parent@group:GroupB
group:GroupE#parent@group:GroupA
group:GroupA#editor@user:User1
group:GroupB#editor@user:User2
group:GroupE#editor@user:User3
```
Because `edit` is inherited via the parent relationship, any user who has `edit` on `GroupA` also gets edit on all of `GroupA`’s subgroups (B, C, D, E, etc.). I wish to create a nested tree structure representing all the groups for which a user has edit permission.
Here’s how I’m doing it now:
1. Ask SpiceDB: “Which groups does User1 have `edit` permission on?” (`LookupResourcesRequest`)
   - I get `[GroupA, GroupB, GroupC, GroupD, GroupE]`.
2. To build the tree, I then ask for each group: “Which groups does this group have `view` permission on?” (`LookupResourcesRequest`)
   - For example:
     - GroupA has view on [GroupB, GroupC, GroupD, GroupE]
     - GroupB has view on [GroupC, GroupD]
     - GroupC has view on []
     - GroupD has view on []
     - GroupE has view on []
3. From those results, I run a recursive algorithm to stitch them into a nested structure.
----
My question: In order to construct that tree, do I actually need the view permission defined and used in this way? Or could I build the same hierarchy purely by traversing the parent relation? Is there a more straightforward approach to retrieving the hierarchy from SpiceDB, given that I already know which groups the user can edit?
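An added example, not part of the original post: a local Python sketch that stitches the tree from the direct `parent` tuples listed above and limits it to the groups the user can edit, so no group outside the step 1 result appears in the output. It makes no SpiceDB call; the helper names are hypothetical, and `editable_groups` is a local stand-in for the `LookupResourcesRequest` result.

```python
import re
from collections import defaultdict

# Relationship tuples copied from the post; helper names below are illustrative.
RELATIONSHIPS = """
group:GroupB#parent@group:GroupA
group:GroupC#parent@group:GroupB
group:GroupD#parent@group:GroupB
group:GroupE#parent@group:GroupA
group:GroupA#editor@user:User1
group:GroupB#editor@user:User2
group:GroupE#editor@user:User3
"""
TUPLE = re.compile(r"^(\w+):(\w+)#(\w+)@(\w+):(\w+)$")

def parse(text):
    """Return (children, editors): parent id -> child ids, group id -> user ids."""
    children, editors = defaultdict(set), defaultdict(set)
    for line in text.split():
        m = TUPLE.match(line)
        if not m:
            raise ValueError(f"malformed relationship: {line!r}")
        _, resource, relation, _, subject = m.groups()
        if relation == "parent":
            children[subject].add(resource)   # subject is the parent group
        elif relation == "editor":
            editors[resource].add(subject)
    return children, editors

def editable_groups(user, children, editors):
    """Local mirror of `edit = editor + parent->edit` (stands in for step 1)."""
    seen = set()
    stack = [g for g, users in editors.items() if user in users]
    while stack:
        group = stack.pop()
        if group not in seen:  # the seen set also stops a parent cycle
            seen.add(group)
            stack.extend(children.get(group, ()))
    return seen

def build_tree(editable, children):
    """Nest editable groups by direct parent edges; skip anything not editable."""
    has_editable_parent = {c for p in editable for c in children.get(p, ()) if c in editable}
    def subtree(group, path):
        if group in path:
            raise ValueError(f"parent cycle at {group}")
        kids = sorted(c for c in children.get(group, ()) if c in editable)
        return {k: subtree(k, path | {group}) for k in kids}
    return {r: subtree(r, frozenset()) for r in sorted(editable - has_editable_parent)}
```

A root here is any editable group whose parent is not editable, which is why User2's tree starts at GroupB and never exposes GroupA or GroupE.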