Is keto permission model able to express the follo...
# talk-keto
f
Is keto permission model able to express the following. A file can be viewed by either user or a group. If user is in the group that can view the file he also can view a file. This issue seems to suggest otherwise.
s
The issue also has a workaround that currently has to be used
p
Isn’t the solution to just do something like this?
Copy code
class File implements Namespace {
  related: {
    viewers: (User | SubjectSet<Group, "members">)[]
  }
}
s
that is also a possible approach
f
@purple-match-65245 @steep-lamp-91158 Would one supposed to add
file:hello.txt#owners@group:some_group#members
To make group
some_group
owners of a file
hello.txt
?
s
in that case you don't make the group, but the members of the group owners
does not sound like much of a difference, but in case you e.g. add a user to the group with an
admin
relationship, they would not be in the members list, and therefore would not be an owner
that's why in most cases you actually want to not use that, but rather use the global rules