To write such custom permission rules, I suggest you use Laravel form requests.
https://laravel.com/docs/6.x/validation#form-request-validation

If you are familiar with FormRequest, there are two methods inside it.
You can use the auth method. Inside that method, you have access to the authenticated user. You can implement your logic inside the auth method.