In the Ory Permission Language (OPL), you can use logical operators such as

&&

(AND) and

||

(OR) in the body of a permission check. The body of a permission check is either a

IncludesCheck

(a check that something is in a set) or a

TransitiveCheck

(a call to a permission on a relation). Here is the general structure of a permission check with a logical operator:

typescript PermissionBody = ( "(" PermissionBody ")" ) | ( PermissionCheck | { Operator PermissionBody } ) .   Operator = "||" | "&&" .   PermissionCheck = TransitiveCheck | IncludesCheck .

For example, if you want to check if a user is either an editor or an owner of a document, you can use the

||

operator:

typescript edit: (ctx: Context): boolean =>   this.related.editors.includes(ctx.subject) ||   this.related.owners.includes(ctx.subject) ||   this.related.parents.traverse((parent) => parent.permits.edit(ctx)),

If you want to check if a user is both an editor and an owner of a document, you can use the

&&

operator:

typescript edit: (ctx: Context): boolean =>   this.related.editors.includes(ctx.subject) &&   this.related.owners.includes(ctx.subject),

Please note that the above code is just an example and may not work in your specific use case. You should adjust the code according to your requirements. For more information, you can refer to the [Ory Permission Language specification](https://www.ory.sh/docs/keto/reference/ory-permission-language#permission-definition).

The code you provided is using the logical AND operator (

&&

) to check if a subject is included in both

persons

and

emails

viewers. This means that the

hasAccess

permission will only return

true

if the subject is a viewer in both

persons

and

emails

.

typescript permits = {   hasAccess: (ctx: Context): boolean =>     this.related.persons.traverse((person) => person.related.viewers.includes(ctx.subject)) &&     this.related.emails.traverse((email) => email.related.viewers.includes(ctx.subject)) }

If this is returning

false

even though you expect both conditions to be

true

, there could be a few reasons: 1. The subject might not be included in either the

persons

viewers or the

emails

viewers. You can check this by logging the results of the individual traverse functions. 2. The

traverse

function might not be working as expected. This function is used to traverse a relation and apply a permission check to each related object. If there's an issue with the relation or the permission check, this could cause the function to return

false

. 3. There could be a timing issue. If the relationships or permissions are being updated asynchronously, there could be a delay before the changes are reflected in the permission check. Without more information about your specific use case and setup, it's hard to provide a more specific answer. I would recommend checking the individual conditions and the

traverse

function to see if you can identify the issue. For more information about how to define permissions in the Ory Permission Language, you can refer to the [Ory documentation](https://www.ory.sh/docs/keto/reference/ory-permission-language#permission-definition).