But I want to make sure the that the user doing the granting has the resulting permission,

view_devices

and we know that user only has the

administrator

relation not the

devices_viewer

relation. Would I have to make note in my application the specific relation that corresponds to the permission that can be granted and then I can check if the user has that permission before creating the relation with the role? Would that be the encoding in my application?