We’ve introduced a new API endpoint to retrieve all permissions associated with a resource relation. With this endpoint, you can perform enforcement without checking stored authorization data. For example in given a Permify Schema like:
Let's say you have a user X with a manager role. If you want to check what user X can do on a documents ? You can use the schema lookup endpoint as follows,
Request: POST /schemas/lookup
The response will return all the possible actions that manager can perform on documents. Also you can extend relation lookup as much as you want by adding relations to the "relation_names" array as strings.