AT:

• Extend https://docs.camunda.org/manual/7.10/reference/rest/authorization/get-check/ such that the user for which to check authorization can be defined as a query parameter
• If the user to be checked has the requested permission, but the requesting user is not allowed to read that permission, then the result should be "not authorized"

Context:

• Cawemo and Optimize use the platform's user and permission management
• so far, the way to achieve that is to make user and authorization queries and evaluate the access check logic on their side, which is inefficient, complicated and error-prone for a security-critical task