A couple of questions around ways that people have approached things in the past.
1. Is there a way to batch permission check requests? I see this issue:
https://github.com/authzed/spicedb/issues/621. I could also just wrap all of the calls in Promise.all to do them in parallel.
2. What is the most efficient way to deal with admins and listing resources. I.e. an admin will be able to list all resources (lots) while a non admin would only be able to list a subset. I could do a permissions call for an admin only list all permission followed by a lookup resources call if that failed, but then I would be doing two calls.