#```entity user {

Hey @tulip sinew,
You have two options to implement this logic, depending on your use case:

Option 1: Passing Data in the Request

In this approach, you pass the department information as part of the request’s context data. The rule then checks if the provided department matches the host’s department. Example:

entity host {
  attribute department string

  permission view_host = check_department(department)
}

rule check_department(department string) {
    context.data.department == department
}

Request Example:

name: admin_access_test
  checks:
    - entity: host:1
      subject: user:1
      context: 
        data:
          department: HR
      assertions:
        view_host: true

Option 2: Cross-Entity Attribute Referencing
If you want to check the user’s department directly from their attributes instead of passing it in the request, you’ll need to use cross-entity attributes. Like here: https://docs.permify.co/getting-started/modeling#using-attributes-across-entities

This approach pulls the user’s department directly and compares it with the host’s department. However, this feature is in beta and requires enterprise access.

If you are interested with enterprise features you can book a call so we can figure out what you need.