When implementing the managed VectorSearch, what is the preferred way to implement row based access control? I see that you can use the filter API during a query, so simple filters using a certain column may work, but what if all the security information is in another table?
The use case in question is for a RAG workflow, but where some information should be limited based on the querying user. The filter API probably work fine for a simple "information_deprecated" flag, but probably not for checking group membership.
