SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions.

SpiceDB

Hello, how are you guys? 🤘

Based on this schema:
```
definition user {}
definition course {
  relation reader: user
  relation writer: user
  permission view = reader + writer
}
definition program {
  relation reader: user
  relation writer: user
  permission view = reader + writer
}
```
We can have:
For **alice** user:
**1.** `course:1#writer@user:alice`
**2.** `course:2#reader@user:alice`

For **alex** user:
**1.** `program:2#writer@user:alex`
**2.** `program:1#reader@user:alex`

**Question**:
How can I have a admin user who will be able to manage all resources? 
This would be an application and not resource level permission. I only want to set/check if the user has a **role** (admin), without having to add a permission to each resource type as below:
`course:*#writer@user:admin` and `program:*#writer@user:admin`