I'm in 3.5.1

Currently, I have the following permission hierarchy:

Identity I -> SAP Account A -> Activity Group P1 -> TCODE P2.

If I query Identity I, I can see that it has SAP Account A and Activity Group P1. Similarly if I query SAP Account A I can see that it is mapped to Identity I and it contains permission P1. I cannot see P2 unless I query P1.

Is there a way to see if Identity I or SAP Account A is mapped to P2 permission?

In other (hopefully clearer) words: Can I query IG to see which users have which TCODES?