the other option is to filter your query in postgres first, and then call

CheckPermission

for each of those IDs