This issue is well explained, one suggestion I would like to add if possible, make "relation" parameter optional, if not passed, return all the possible permissions.