hey team, I have some modeling question. I have some authorization use case. We are a health company. We would like to support allowing one person to do virtual care operations on behave of another person. Like parent could schedule visits for their children and view past visits information. But some state has law to prevent parent access a specific type of previous visits. Therefore, the permission I could like to achieve is: parent has permission to access virtual visits on behave of child except that parent could not view a specific type of health info if the child is in a specific state