Hi all,
I have a schema design question about using caveats in SpiceDB for a feature restriction use case.
High-level setup:
- An Enterprise has multiple Users, Teams, and Campaigns
- Teams consist of Users
- Features can be restricted at the Enterprise or Campaign level
- Restrictions can be overridden to allow specific Users or Teams
Behavioral rules:
- If a feature is restricted at the enterprise level but allowed for a team, all members of that team should have access to it
- If a feature is allowed for a specific user, only that user should have access
My current implementation uses caveats to restrict access by default (e.g., "allow none"), then selectively allow based on user or team membership.
This seems to work in general, but I’m unsure about the best way to model team-based overrides — specifically, how to ensure that when a team is allowed a feature, all users in that team inherit access. Should I be modeling this with caveats, or is that over-complicating the schema? Would it be more appropriate to handle this without caveats?
Any suggestions or examples on how to handle this kind of override logic would be appreciated!
Link to the playground here: https://play.authzed.com/s/lDcxPb73M4Wd/schema
Thanks!
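An added example, not part of the original post and not the poster's playground schema: one way to express the same rules with plain relations instead of caveats. The override case ("allowed for a team means every member of that team") falls out of granting the team's member subject set, so membership changes are picked up without rewriting feature relationships. All object type, relation and permission names, the sample objects and the relationships below are assumptions chosen for illustration.

```zed
// Added example (not from the original post): restricted-by-default features
// at enterprise or campaign scope, overridable for individual users or whole teams.
// Every type, relation and permission name here is an assumption for illustration.

definition user {}

definition team {
    relation member: user
}

definition enterprise {
    relation member: user
    permission membership = member
}

definition campaign {
    relation enterprise: enterprise
    relation member: user
    // Assumption: a campaign's participants are its own members plus everyone
    // in the owning enterprise.
    permission membership = member + enterprise->membership
}

definition feature {
    // Where the feature is offered. Assumption: one feature object per scope.
    relation scope: enterprise | campaign
    // Writing feature:f#restricted@enterprise:e (or @campaign:c) turns the
    // default off for that scope; deleting the tuple turns it back on.
    relation restricted: enterprise | campaign
    // Override allow-list. A team is granted through its member subject set
    // (team:t#member), so every current member of the team inherits access
    // and people who join or leave the team are reflected automatically.
    relation allowed: user | team#member

    // Default: everyone in scope, minus everyone covered by a restriction.
    // Overrides: the allow-list is unioned back in, so it wins over the restriction.
    permission access = allowed + (scope->membership - restricted->membership)
}

// Constructed relationships for the playground "Test Relationships" tab:
//   enterprise:acme#member@user:alice
//   enterprise:acme#member@user:bob
//   enterprise:acme#member@user:carol
//   team:growth#member@user:bob
//   feature:bulk_export#scope@enterprise:acme
//   feature:bulk_export#restricted@enterprise:acme
//   feature:bulk_export#allowed@team:growth#member
//   feature:bulk_export#allowed@user:carol
//
// Expected results for the playground "Assertions" tab:
//   assertTrue:
//     - "feature:bulk_export#access@user:bob"     (team override)
//     - "feature:bulk_export#access@user:carol"   (user override)
//   assertFalse:
//     - "feature:bulk_export#access@user:alice"   (restricted, no override)
// Deleting feature:bulk_export#restricted@enterprise:acme makes alice's check
// return true again without touching the allow-list.
```

The reason to prefer this over caveats is that nothing in the rules depends on request-time context: whether a feature is restricted and who is exempt is data about the feature, so it belongs in relationships, while caveats are evaluated against context supplied on each check (time windows, IP ranges and the like). Exclusion (`-`) does cost extra subproblems at check time; if the enterprise/campaign hierarchy is simple, an equivalent model is to drop `restricted` and instead write or delete an `enabled: enterprise | campaign` relationship per scope, with `permission access = allowed + enabled->membership`.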