Syebaurgh
10/21/2022, 6:27 PMdefinition location {
relation administrator: user | role#member
relation devices_viewer: user | role#member
permission admin = administrator
permission view_devices = devices_viewer + admin
}
definition role {
relation member: user | role#member
}
so for example, the user has the administrator
relation with a location and wants to create a role with the view_devices
permission through the devices_viewer
relation, but since they don't have the devices_viewer
relationship but have the view_devices
permission, how do we check that the user can grant the role the view_devices
permission through the devices_viewer
relation which would ultimately grant the role the view_devices
permission?