Permissions Utils

πŸ‘¨β€πŸ’Ό Great work. There are lots of different ways to accomplish this, but it's important that we have a standard way to handle permissions in our own application.
As mentioned, there is definitely opportunity to improve this with a custom Prisma client extension. If you figure out a good solution for that, let us know!
🦉 It should be mentioned that our approach works because we allow admins to also be users (we added both roles to the Kody user). However, if you wanted to not add the user role to the admin, you would need to do one of two things:
  1. Make sure the admin role also gets permissions to modify their own entities
  2. Adjust the application code to use own OR any permissions. Like so:
await requireUserWithPermission(
	request,
	isOwner ? `update:note:any,own` : `update:note:any`,
)
If you ask me, you should probably just make admins users as well. But, making the admin role also get permissions to modify their own entities makes sense as well.