<@247824634320257025> say I have a service which ...
# spicedb
@yetitwo say I have a service which exposes a REST API which allows its consumer to lookup resources of a given object_type for which a use has a specific permission The API looks like this:
Copy code
get /api/lookup-resources?object_type=resource&permission={a_permission_name}&user={user_id}
If spicedb has the API mentioned aboved implemented, I can easily expose another API to let my service consumer to get a list of permissions they can use to make the above API call:
Copy code
get /api/ReBAC-schema/objects/{resource}/permissions

//returns ["write","view"]
Otherwise, I would have to hard coded permissions associated to a object on my service code somewhere.