Need help with n<->n authorization

Hi folks,

I'm trying to implement an authorization system with users, roles and
permissions. Each user can have multiple roles, each role multiple
permissions and users can have multiple 'snowflake' permissions as

This is my migration schema:

I really need help with this problem. Is there any better approach?