So.... I am modeling GCP Org, Folder, Projects using Postgresql, and keeping track of those relations in SpiceDB when policy is applied. I have a drop down in my UI that will only display orgs they have permissions to. Do I query SpiceDB here to see what orgs they have permission to? Trying to understand how much relational data I need to keep in PG or what that authz middleware looks like for knowing what orgs to make availble in the list.