I tried using spatie/laravel-permission, but it did not fully cover my use case.

For some context,
my system is pretty complex, kind of similar to what GitHub does. The problem is that (and maybe I am wrong here) I cannot use my permission system (my policies rely on it btw) inside a global scope. Even if I could, it feels like a bad practice, because scopes are not meant for that and it would require loading everything into memory first.

Right now I am using complex queries inside my global scope to avoid any data leaks. But it feels like I am basically creating another custom permission layer just for view access, even though I already built one.