To write such custom permission rules, I suggest you use Laravel form requests.
https://laravel.com/docs/6.x/validation#form-request-validation
If you are familiar with FormRequest, there are two methods inside it.
You can use the auth method. Inside that method, you have access to the authenticated user. You can implement your logic inside the auth method.