Auth System (DB based) -> Need general roles and relationship based permission

Hello there,

i'm currently researching the possibilities of Laravel concerning an Authorization model. I want to have a basic first Layer of Authorization that enables USERS to have Roles (like "visitor", "user", "admin", "superadmin"). This Part seems to be easily doable with the Built in Auth System or the Spatie/Bouncer packages. What i need on top of that would be a Relationship/Permission based Auth System per "User". An easy example would be a profile of an actor.

Given Roles:

• Owner (full rights, actress itself )
• Manager (can edit everything but not delete )
• Photographer ( can only edit Media )
• Editor ( can only edit posts/text on the profile )

If the actor would work for an agency the respective roles(see list above) of the agency employees would have access to her profile depending on the roles theyd have in the company.

Some Pointers:

• I have one table for all Users currently planned
• it can be a user to user roles only. If a user gets a role in an agency i could just update the permission for all actors would be cleaner to have it layered though.
• Users can have multiple Roles for multiple other Users

Bonus Points:

• agency employees have roles for selected actors only (set by the owner of the agency or so)

I'm seeking advice cause i havent built such a system myself yet. Maybe there is an easy solution, like "built-in" or a package, for this problem that i'm not aware of. I did google for a bit but didnt find anything helpful.

I like the basic auth design of laravel and would like to keep it consistent throughout the application.

Thanks in advance devguy