My keys are manual. This gives be more freedom. Consider for example what happens with pedigree collapse (two lines join on an ancestor). I give then two keys to allow people on both branches to access the record.
More generally, the key is space-separated list of ids telling “who” is allowed to access the record. Users in the authentication database are associated with a list of ids telling which records (or “lineages”) they are entitled to. Intersection of record key and user “rights” must not be empty to unlock access.
I found this approach less restrictive than a strict lineage strategy. Some users may be active contributors and it would not be fair to restrict them to their own lineage. Therefore, their “rights” contain more than one id so that they browse various parts of the tree.
Within a Gramps tree, Attributes can be shared. In simple cases, I have one attribute which is assigned to several persons or families. This takes care globally of common situations. It is also easy to modify this single attribute and the change is effective on all sharing records at once.