Oh and another thing I forgot: we have a relation in our schema that we'd like to be reflexive because it models a "Users can see other users in their organizational unit" permission and the only thing I could come up with was to add a

relation part_of: org_unit

to users and

relation member: user

to the org unit and computing "they can see them" as

permission get = part_of->member

. This seems to work, but it requires us to maintain and keep in sync both sides manually. Is there a way to add a reflexive relation?

That's right, unfortunately today you'd have to keep those two relationships. We don't have support for what you mention, I opened an issue a while ago (named it inverse relations, since they look very similar to what you do ORMs) https://github.com/authzed/spicedb/issues/356

Awesome, thanks for your quick replies!