Hi! I'm new to the idea of running authorization as separate part of the stack - but I'm super intrigued. One question I have is how to translate these permissions to search or query operations in my datastore. Of course, ID lookups totally make sense, but what about a case in which I'm trying to query all records a user has the right to access?