Need help with n<->n authorization

Hi folks,

I'm trying to implement an authorization system with users, roles and permissions. Each user can have multiple roles, each role multiple permissions and users can have multiple 'snowflake' permissions as well.

This is my migration schema:

I really need help with this problem. Is there any better approach?