Hi all, I'm evaluating using Authzed for a new project. The requirements of the system are below: A permission is tuple of: - user or group - role or scope - resource - schedule resources optionally have parents, whereby all permission defined for parents are inherited to children. A role represents multiple scopes To check, I pass the user, scope, resource, time I would like role and scope to be runtime modifiable. Is such a set of requirements achievable with Authzed/spicedb? It seems the runtime user-modifiable roles may be a stretch.