ColeOmni
10/27/2022, 7:32 PMdefinition user {
}
definition employee {
relation user: user
relation manager: employee
}
definition expense {
relation creator: employee
// creator of expense can view
permission view = creator->user
// manager of creator of expense can view
// multiple hierarchal lookup 'creator->manager->user' doesn't work because `Nested arrows not yet supported`
// permission view = creator->manager->user
}
// facts
// employee:abc#user@user:1
// expense:1#creator@employee:abc
// employee:xyz#user@user:2
// employee:abc#manager@employee:xyz
// assertions
// - "expense:1#view@user:1"
// - "expense:1#view@user:2"`
I tried your work-around permission manager_user = manager->user
but it also doesn't like that, it says relation/permission manager
not found under definition expense