Hi! I’m building a simple permission model where a user can belong to a group and members of certain groups can view certain documents. It’s basically a simplification of the permission model discussed in the quickstart (https://www.ory.sh/docs/guides/permissions/overview#ory-network-setup). Now, I would like to list all documents a certain user has access to. So far, I was able to do this in two steps: retrieve all groups a user belongs to and then retrieve all documents those groups are allowed to view. Is it possible to do this in a single step? Thank you!

Well, I didn't test this myself, but you could look into using the SDK's PermissionApi.ExpandPermissions(), and setting the MaxDepth to however deep you want to walk the tree. Again, I didn't test this, but it makes sense that it would return all nodes it hits along the paths 🙂

expand currently only works the other way around, getting all subjects that have a certain relation to an object it will be the next big feature in keto to allow what you asked for, getting all objects one has access to

@steep-lamp-91158, would you have an idea when you plan to release that feature? It's something I'd find useful as well!

It is high on the prio list, but not the highest item rn... we know that it is much needed, but there is only so many hours in a day

Understood, thank you!