I think it's not possible by using an NXQL querry however you can try directly in SQL (postgresql) :
SELECT hierarchy.id AS "Document ID",
hierarchy.name AS "Document Name",
acls.grant AS "Grant",
acls.permission AS "Permission",
acls.user AS "User/Group ID" FROM acls
LEFT JOIN hierarchy ON (hierarchy.parentId = acls.id)
LEFT JOIN user2group ON ("user2group"."groupId" = acls.user)
WHERE hierarchy.parentId = '<documentId>'
AND ("user2group"."userId" = '<userId>' OR acls.user = '<userId>');
Replace <userId> and <documentId> according to your needs.
NB: This request not take into account rights inherited by groups. (try to make a more complicated request using 'group2group')
