
What is the best approach to manage User Resource by Role?

I have 4 role levels, already created using spatie/laravel-permission along with their permissions: Internal Manager, Internal Staff, Customer, Employee (customer's employee). The app is about HR management (Software as a Service).

Each role will have some authorization check before access, with these conditions:

// Note about abbreviation
CRUS     = Create, Read, Update, SoftDelete.
CRUSF    = CRUS + Force Delete
Internal = The internal SaaS company staff.
  1. Internal Manager can only Accept/Reject CRUS from Internal Staff.
  2. Internal Staff can CRUS all users but require confirmation from Internal Manager.
  3. Customer can CRUSF their Employee.
  4. Employee can CRUSF another Employee but require permission based on their specific role.

As well as these requirements:

Each user at the given role cannot access any information about users above their given role. Except for the information given from notifications (from who, to who).

I was thinking about these two possibilities to achieve those requirements:

  1. Creating only one UserController and one UserPolicy, then doing the work and attaching $this->authorize inside if-else/switch conditions with queries from the model.
  2. Creating one controller and one policy for each type of user, then attaching $this->authorizeResource in the constructor and doing the work with queries from the model.

What is the most suitable and least error-prone for the use case? I want to make it easier to debug in the future, so I think the second one is good enough because it has a separate controller and policy for each user type.

Or maybe you guys have another reference? Please let me know!

EDIT

My user table is a single users table.
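One way to keep the cross-cutting "no access to users above your role" rule from being duplicated across if-else branches or per-role policies, as an added example that is not part of the original post: a single UserPolicy with a rank table, where every ability calls the same helper first. It assumes the four spatie/laravel-permission role names from the post; the ownership check ("their Employee") and the Internal Manager confirmation step are left out.

```php
<?php
// Added example, not from the original post: a single UserPolicy where the
// "no access to users above your role" rule is a helper every ability runs
// first. Assumes the four spatie/laravel-permission roles named in the post;
// ownership ("their Employee") and the manager-confirmation step are omitted.

namespace App\Policies;

use App\Models\User;

class UserPolicy
{
    // Higher number = higher in the hierarchy; names exactly as in the post.
    private const RANK = [
        'Internal Manager' => 4,
        'Internal Staff'   => 3,
        'Customer'         => 2,
        'Employee'         => 1,
    ];

    // Highest rank among the roles a user holds; 0 when none are assigned.
    private function rank(User $user): int
    {
        return $user->getRoleNames()
            ->map(fn (string $role) => self::RANK[$role] ?? 0)
            ->max() ?? 0;
    }

    // Cross-cutting requirement from the post, checked before anything else.
    private function notAbove(User $actor, User $target): bool
    {
        return $this->rank($target) <= $this->rank($actor);
    }

    public function view(User $actor, User $target): bool
    {
        return $this->notAbove($actor, $target);
    }

    // CRUSF: only Customer and Employee may hard-delete; Internal Staff stop at
    // soft delete (and still need the manager's confirmation elsewhere).
    public function forceDelete(User $actor, User $target): bool
    {
        return $this->notAbove($actor, $target)
            && $actor->hasAnyRole(['Customer', 'Employee']);
    }
}
```

Because the rank check sits in one helper, a forgotten branch in a controller cannot silently expose a higher-role user; the policy denies by default and each ability only adds role-specific conditions on top.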
