After reading the post https://authzed.com/blog/user-defined-roles/ i have a quesion about "how permission on resource mapping to capability on project", is there any way require no manual modeling. In my case project like a container, project owner can request a lot of resources(like issues in github case) to be imported into project.Above post suggesting define capabilities on project which grouping resources' permissions ,before granting role-capability-project tuple.For easing the burden of project owner when adding new resource, is it ＯＫ to just bypass the capability modeling and do 1 to 1 permission mapping only? For example auto mapping create_comment permission on issue to issue.create_comment relation on project , when user select to add issue resource to the project.