check(resource: "repository:123", permission: "write", subject: "user:456")