The issue I'm running into is that I want to express that an access level can have multiple relations defining the "permission boundaries" and the user is a member of a given accesslevel. And then not having to enumerate all of the accesslevel relations in subsequent resource definitions by instead just referencing the permission.