SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions.

SpiceDB

If you have an `organization` and can create roles for it and assign any permission on any resource in the organization, with a direct or indirect relationship with the org, to the role, would that require updating the ZedToken on the organization every time any relationship is updated/written so the role can have the most up to date permissions when checking?
In that case is that pretty much just having one zedToken and using it everywhere?