Function resolve_identity_permission 

pub async fn resolve_identity_permission(
    pubkey: &PublicKey,
    identity: &SigKey,
    auth_settings: &AuthSettings,
    instance: Option<&Instance>,
) -> Result<Permission>

Resolve the permission level for a pubkey + identity against auth settings.

Shared validation logic used by both the local path (Database::validate_key, which holds a DatabaseKey that bundles signing key + identity) and the remote path (the service server, which has the pubkey from the session challenge-response and the identity from the request’s authenticated scope).

Arguments

• pubkey - The public key to validate
• identity - The SigKey identity claiming access
• auth_settings - The database’s auth configuration
• instance - Optional Instance for delegation resolution; required when identity is a SigKey::Delegation