SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions.

SpiceDB

Hi all!
I would like to know which `permissions` a `subject` has on a particular `resource`.
The underlying idea is that the frontend would be able to gray out/hide functionality that the current `subject` doesn't have permission to perform anyway.
I thought about using the `LookupSubjects` api, but since I'm only interested in a single subject this seems kinda wasteful as I didn't see an option to filter by subject id.
Alternatively I could probably use `BulkCheckPermission` to ask SpiceDB to evaluate all permissions I care about.

Is there a more idiomatic way to solve this?
Thanks!