Hi all, I am looking to model user defined roles like the example in the Playground with built-in roles as well but I want to define an

organization

. Each organization would receive the built in roles that are immutable and then they can also create their own custom roles associated with their organization. Users can then be assigned a different role for each organization (based on which ones are available for them). I fail to wrap my head around taking the example of user defined roles, or the iam example and translating it to my use case. For example if I add to the data below, the user intended for

proj2

would get the same permission and access to

proj1

.

role:spanner_database_reader#bound_user@user:project_2_db_reader
project:proj2#granted@role:spanner_database_reader

There must be another layer here that I need to add, I'm still trying to crack that puzzle. Has anyone ran into such a case, any tips on modelling it? Thanks