Hi folks, I'm looking at SpiceDB for an internal authz system. I'm trying to implement a simple RBAC schema where relationships are unique with regard to role. For simplicity, assume something like:

definition user {}
definition document {
   relation admin: user
   relation viewer: user
}

What I want is for user to have either an

admin

relationship with document or a

viewer

relationship with document, but not both. But I can't figure out the schema syntax that would support that. Is that possible or is it the client's responsibility to keep that from happening? Sorry if this is a newbie question, but I'm a newbie. 🙂