Role based authorization

Hi there,

I am currently playing around with lumen and I love it so far. At this point I need to make sure I only allow users to do certain actions depending on the object they are trying to top the actions. Let me try to clarify:

User is part of organization and is admin but not directly attached to object-> he is allowed to view / edit User is part of organization but is no admin and not directly attached to object-> he is denied to view / edit User is part of organization but is no admin and is directly attached to object-> he is allowed to view / edit

Where "view / edit" should be different permissions which are defined in roles. How would you guys solve such a thing in lumen?