@yetitwo say I have a service which exposes a REST API which allows its consumer to lookup resources of a given object_type for which a use has a specific permission The API looks like this:

get /api/lookup-resources?object_type=resource&permission={a_permission_name}&user={user_id}

If spicedb has the API mentioned aboved implemented, I can easily expose another API to let my service consumer to get a list of permissions they can use to make the above API call:

get /api/ReBAC-schema/objects/{resource}/permissions

//returns ["write","view"]

Otherwise, I would have to hard coded permissions associated to a object on my service code somewhere.