diff --git a/app/Filament/Server/Resources/Activities/ActivityResource.php b/app/Filament/Server/Resources/Activities/ActivityResource.php
index 30dd56bfd..3c5b0eaf7 100644
--- a/app/Filament/Server/Resources/Activities/ActivityResource.php
+++ b/app/Filament/Server/Resources/Activities/ActivityResource.php
@@ -6,7 +6,6 @@ use App\Filament\Admin\Resources\Users\Pages\EditUser;
 use App\Filament\Components\Tables\Columns\DateTimeColumn;
 use App\Filament\Server\Resources\Activities\Pages\ListActivities;
 use App\Models\ActivityLog;
-use App\Models\Permission;
 use App\Models\Role;
 use App\Models\Server;
 use App\Models\User;
@@ -164,11 +163,6 @@ class ActivityResource extends Resource
             });
     }
 
-    public static function canViewAny(): bool
-    {
-        return user()?->can(Permission::ACTION_ACTIVITY_READ, Filament::getTenant());
-    }
-
     /** @return array<string, PageRegistration> */
     public static function getDefaultPages(): array
     {
diff --git a/app/Filament/Server/Resources/Allocations/AllocationResource.php b/app/Filament/Server/Resources/Allocations/AllocationResource.php
index 92e70c554..df57050d5 100644
--- a/app/Filament/Server/Resources/Allocations/AllocationResource.php
+++ b/app/Filament/Server/Resources/Allocations/AllocationResource.php
@@ -23,7 +23,6 @@ use Filament\Tables\Columns\IconColumn;
 use Filament\Tables\Columns\TextColumn;
 use Filament\Tables\Columns\TextInputColumn;
 use Filament\Tables\Table;
-use Illuminate\Database\Eloquent\Model;
 
 class AllocationResource extends Resource
 {
@@ -116,26 +115,6 @@ class AllocationResource extends Resource
             ]);
     }
 
-    public static function canViewAny(): bool
-    {
-        return user()?->can(Permission::ACTION_ALLOCATION_READ, Filament::getTenant());
-    }
-
-    public static function canCreate(): bool
-    {
-        return user()?->can(Permission::ACTION_ALLOCATION_CREATE, Filament::getTenant());
-    }
-
-    public static function canEdit(Model $record): bool
-    {
-        return user()?->can(Permission::ACTION_ALLOCATION_UPDATE, Filament::getTenant());
-    }
-
-    public static function canDelete(Model $record): bool
-    {
-        return user()?->can(Permission::ACTION_ALLOCATION_DELETE, Filament::getTenant());
-    }
-
     /** @return array<string, PageRegistration> */
     public static function getDefaultPages(): array
     {
diff --git a/app/Filament/Server/Resources/Backups/BackupResource.php b/app/Filament/Server/Resources/Backups/BackupResource.php
index 7506675be..77ae72455 100644
--- a/app/Filament/Server/Resources/Backups/BackupResource.php
+++ b/app/Filament/Server/Resources/Backups/BackupResource.php
@@ -40,7 +40,6 @@ use Filament\Support\Enums\IconSize;
 use Filament\Tables\Columns\IconColumn;
 use Filament\Tables\Columns\TextColumn;
 use Filament\Tables\Table;
-use Illuminate\Database\Eloquent\Model;
 use Illuminate\Http\Client\ConnectionException;
 use Illuminate\Http\Request;
 use Symfony\Component\HttpKernel\Exception\HttpException;
@@ -296,21 +295,6 @@ class BackupResource extends Resource
             ]);
     }
 
-    public static function canViewAny(): bool
-    {
-        return user()?->can(Permission::ACTION_BACKUP_READ, Filament::getTenant());
-    }
-
-    public static function canCreate(): bool
-    {
-        return user()?->can(Permission::ACTION_BACKUP_CREATE, Filament::getTenant());
-    }
-
-    public static function canDelete(Model $record): bool
-    {
-        return user()?->can(Permission::ACTION_BACKUP_DELETE, Filament::getTenant());
-    }
-
     /** @return array<string, PageRegistration> */
     public static function getDefaultPages(): array
     {
diff --git a/app/Filament/Server/Resources/Databases/DatabaseResource.php b/app/Filament/Server/Resources/Databases/DatabaseResource.php
index b87efd9a5..ff0e61a86 100644
--- a/app/Filament/Server/Resources/Databases/DatabaseResource.php
+++ b/app/Filament/Server/Resources/Databases/DatabaseResource.php
@@ -31,7 +31,6 @@ use Filament\Schemas\Schema;
 use Filament\Support\Enums\IconSize;
 use Filament\Tables\Columns\TextColumn;
 use Filament\Tables\Table;
-use Illuminate\Database\Eloquent\Model;
 use Illuminate\Support\Str;
 
 class DatabaseResource extends Resource
@@ -208,31 +207,6 @@ class DatabaseResource extends Resource
             ]);
     }
 
-    public static function canViewAny(): bool
-    {
-        return user()?->can(Permission::ACTION_DATABASE_READ, Filament::getTenant());
-    }
-
-    public static function canView(Model $record): bool
-    {
-        return user()?->can(Permission::ACTION_DATABASE_READ, Filament::getTenant());
-    }
-
-    public static function canCreate(): bool
-    {
-        return user()?->can(Permission::ACTION_DATABASE_CREATE, Filament::getTenant());
-    }
-
-    public static function canEdit(Model $record): bool
-    {
-        return user()?->can(Permission::ACTION_DATABASE_UPDATE, Filament::getTenant());
-    }
-
-    public static function canDelete(Model $record): bool
-    {
-        return user()?->can(Permission::ACTION_DATABASE_DELETE, Filament::getTenant());
-    }
-
     /** @return array<string, PageRegistration> */
     public static function getDefaultPages(): array
     {
diff --git a/app/Filament/Server/Resources/Files/FileResource.php b/app/Filament/Server/Resources/Files/FileResource.php
index 281758113..2870ba565 100644
--- a/app/Filament/Server/Resources/Files/FileResource.php
+++ b/app/Filament/Server/Resources/Files/FileResource.php
@@ -7,14 +7,11 @@ use App\Filament\Server\Resources\Files\Pages\EditFiles;
 use App\Filament\Server\Resources\Files\Pages\ListFiles;
 use App\Filament\Server\Resources\Files\Pages\SearchFiles;
 use App\Models\File;
-use App\Models\Permission;
 use App\Traits\Filament\BlockAccessInConflict;
 use App\Traits\Filament\CanCustomizePages;
 use App\Traits\Filament\CanCustomizeRelations;
-use Filament\Facades\Filament;
 use Filament\Resources\Pages\PageRegistration;
 use Filament\Resources\Resource;
-use Illuminate\Database\Eloquent\Model;
 
 class FileResource extends Resource
 {
@@ -30,26 +27,6 @@ class FileResource extends Resource
 
     protected static bool $isScopedToTenant = false;
 
-    public static function canViewAny(): bool
-    {
-        return user()?->can(Permission::ACTION_FILE_READ, Filament::getTenant());
-    }
-
-    public static function canCreate(): bool
-    {
-        return user()?->can(Permission::ACTION_FILE_CREATE, Filament::getTenant());
-    }
-
-    public static function canEdit(Model $record): bool
-    {
-        return user()?->can(Permission::ACTION_FILE_UPDATE, Filament::getTenant());
-    }
-
-    public static function canDelete(Model $record): bool
-    {
-        return user()?->can(Permission::ACTION_FILE_DELETE, Filament::getTenant());
-    }
-
     /** @return array<string, PageRegistration> */
     public static function getDefaultPages(): array
     {
diff --git a/app/Filament/Server/Resources/Schedules/ScheduleResource.php b/app/Filament/Server/Resources/Schedules/ScheduleResource.php
index ccb949705..a3db782ac 100644
--- a/app/Filament/Server/Resources/Schedules/ScheduleResource.php
+++ b/app/Filament/Server/Resources/Schedules/ScheduleResource.php
@@ -13,7 +13,6 @@ use App\Filament\Server\Resources\Schedules\Pages\ListSchedules;
 use App\Filament\Server\Resources\Schedules\Pages\ViewSchedule;
 use App\Filament\Server\Resources\Schedules\RelationManagers\TasksRelationManager;
 use App\Helpers\Utilities;
-use App\Models\Permission;
 use App\Models\Schedule;
 use App\Traits\Filament\BlockAccessInConflict;
 use App\Traits\Filament\CanCustomizePages;
@@ -26,7 +25,6 @@ use Filament\Actions\CreateAction;
 use Filament\Actions\DeleteAction;
 use Filament\Actions\EditAction;
 use Filament\Actions\ViewAction;
-use Filament\Facades\Filament;
 use Filament\Forms\Components\Select;
 use Filament\Forms\Components\TextInput;
 use Filament\Forms\Components\Toggle;
@@ -46,7 +44,6 @@ use Filament\Support\Exceptions\Halt;
 use Filament\Tables\Columns\IconColumn;
 use Filament\Tables\Columns\TextColumn;
 use Filament\Tables\Table;
-use Illuminate\Database\Eloquent\Model;
 use Illuminate\Support\HtmlString;
 use Throwable;
 
@@ -64,26 +61,6 @@ class ScheduleResource extends Resource
 
     protected static string|\BackedEnum|null $navigationIcon = 'tabler-clock';
 
-    public static function canViewAny(): bool
-    {
-        return user()?->can(Permission::ACTION_SCHEDULE_READ, Filament::getTenant());
-    }
-
-    public static function canCreate(): bool
-    {
-        return user()?->can(Permission::ACTION_SCHEDULE_CREATE, Filament::getTenant());
-    }
-
-    public static function canEdit(Model $record): bool
-    {
-        return user()?->can(Permission::ACTION_SCHEDULE_UPDATE, Filament::getTenant());
-    }
-
-    public static function canDelete(Model $record): bool
-    {
-        return user()?->can(Permission::ACTION_SCHEDULE_DELETE, Filament::getTenant());
-    }
-
     /**
      * @throws Exception
      */
@@ -358,7 +335,8 @@ class ScheduleResource extends Resource
                     ->state(fn (Schedule $schedule) => $schedule->status === ScheduleStatus::Active ? $schedule->next_run_at : null),
             ])
             ->recordActions([
-                ViewAction::make(),
+                ViewAction::make()
+                    ->hidden(fn ($record) => static::canEdit($record)),
                 EditAction::make(),
                 DeleteAction::make()
                     ->after(function (Schedule $schedule) {
diff --git a/app/Filament/Server/Resources/Users/UserResource.php b/app/Filament/Server/Resources/Users/UserResource.php
index 4b5d98ff6..77a388cb8 100644
--- a/app/Filament/Server/Resources/Users/UserResource.php
+++ b/app/Filament/Server/Resources/Users/UserResource.php
@@ -37,7 +37,6 @@ use Filament\Support\Enums\IconSize;
 use Filament\Tables\Columns\ImageColumn;
 use Filament\Tables\Columns\TextColumn;
 use Filament\Tables\Table;
-use Illuminate\Database\Eloquent\Model;
 
 class UserResource extends Resource
 {
@@ -63,26 +62,6 @@ class UserResource extends Resource
         return $server->subusers->count();
     }
 
-    public static function canViewAny(): bool
-    {
-        return user()?->can(Permission::ACTION_USER_READ, Filament::getTenant());
-    }
-
-    public static function canCreate(): bool
-    {
-        return user()?->can(Permission::ACTION_USER_CREATE, Filament::getTenant());
-    }
-
-    public static function canEdit(Model $record): bool
-    {
-        return user()?->can(Permission::ACTION_USER_UPDATE, Filament::getTenant());
-    }
-
-    public static function canDelete(Model $record): bool
-    {
-        return user()?->can(Permission::ACTION_USER_DELETE, Filament::getTenant());
-    }
-
     public static function defaultTable(Table $table): Table
     {
         /** @var Server $server */
diff --git a/app/Policies/ApiKeyPolicy.php b/app/Policies/Admin/ApiKeyPolicy.php
similarity index 77%
rename from app/Policies/ApiKeyPolicy.php
rename to app/Policies/Admin/ApiKeyPolicy.php
index 37aac9093..5c468162f 100644
--- a/app/Policies/ApiKeyPolicy.php
+++ b/app/Policies/Admin/ApiKeyPolicy.php
@@ -1,6 +1,6 @@
 <?php
 
-namespace App\Policies;
+namespace App\Policies\Admin;
 
 class ApiKeyPolicy
 {
diff --git a/app/Policies/DatabaseHostPolicy.php b/app/Policies/Admin/DatabaseHostPolicy.php
similarity index 95%
rename from app/Policies/DatabaseHostPolicy.php
rename to app/Policies/Admin/DatabaseHostPolicy.php
index 75eb8386d..59eab17c0 100644
--- a/app/Policies/DatabaseHostPolicy.php
+++ b/app/Policies/Admin/DatabaseHostPolicy.php
@@ -1,6 +1,6 @@
 <?php
 
-namespace App\Policies;
+namespace App\Policies\Admin;
 
 use App\Models\DatabaseHost;
 use App\Models\User;
diff --git a/app/Policies/DefaultPolicies.php b/app/Policies/Admin/DefaultPolicies.php
similarity index 97%
rename from app/Policies/DefaultPolicies.php
rename to app/Policies/Admin/DefaultPolicies.php
index 2eb29fa59..59584f776 100644
--- a/app/Policies/DefaultPolicies.php
+++ b/app/Policies/Admin/DefaultPolicies.php
@@ -1,6 +1,6 @@
 <?php
 
-namespace App\Policies;
+namespace App\Policies\Admin;
 
 use App\Models\User;
 use Illuminate\Database\Eloquent\Model;
diff --git a/app/Policies/EggPolicy.php b/app/Policies/Admin/EggPolicy.php
similarity index 76%
rename from app/Policies/EggPolicy.php
rename to app/Policies/Admin/EggPolicy.php
index bd589f1b2..9343f7a94 100644
--- a/app/Policies/EggPolicy.php
+++ b/app/Policies/Admin/EggPolicy.php
@@ -1,6 +1,6 @@
 <?php
 
-namespace App\Policies;
+namespace App\Policies\Admin;
 
 class EggPolicy
 {
diff --git a/app/Policies/MountPolicy.php b/app/Policies/Admin/MountPolicy.php
similarity index 94%
rename from app/Policies/MountPolicy.php
rename to app/Policies/Admin/MountPolicy.php
index 9495dd08d..3bc27db83 100644
--- a/app/Policies/MountPolicy.php
+++ b/app/Policies/Admin/MountPolicy.php
@@ -1,6 +1,6 @@
 <?php
 
-namespace App\Policies;
+namespace App\Policies\Admin;
 
 use App\Models\Mount;
 use App\Models\User;
diff --git a/app/Policies/NodePolicy.php b/app/Policies/Admin/NodePolicy.php
similarity index 93%
rename from app/Policies/NodePolicy.php
rename to app/Policies/Admin/NodePolicy.php
index 6a459155c..3a33fe19c 100644
--- a/app/Policies/NodePolicy.php
+++ b/app/Policies/Admin/NodePolicy.php
@@ -1,6 +1,6 @@
 <?php
 
-namespace App\Policies;
+namespace App\Policies\Admin;
 
 use App\Models\Node;
 use App\Models\User;
diff --git a/app/Policies/RolePolicy.php b/app/Policies/Admin/RolePolicy.php
similarity index 76%
rename from app/Policies/RolePolicy.php
rename to app/Policies/Admin/RolePolicy.php
index edcc834e3..3ff909e89 100644
--- a/app/Policies/RolePolicy.php
+++ b/app/Policies/Admin/RolePolicy.php
@@ -1,6 +1,6 @@
 <?php
 
-namespace App\Policies;
+namespace App\Policies\Admin;
 
 class RolePolicy
 {
diff --git a/app/Policies/UserPolicy.php b/app/Policies/Admin/UserPolicy.php
similarity index 94%
rename from app/Policies/UserPolicy.php
rename to app/Policies/Admin/UserPolicy.php
index 6f975b474..43abdfa7b 100644
--- a/app/Policies/UserPolicy.php
+++ b/app/Policies/Admin/UserPolicy.php
@@ -1,6 +1,6 @@
 <?php
 
-namespace App\Policies;
+namespace App\Policies\Admin;
 
 use App\Models\User;
 use Illuminate\Database\Eloquent\Model;
diff --git a/app/Policies/WebhookConfigurationPolicy.php b/app/Policies/Admin/WebhookConfigurationPolicy.php
similarity index 79%
rename from app/Policies/WebhookConfigurationPolicy.php
rename to app/Policies/Admin/WebhookConfigurationPolicy.php
index d95694301..5f65d2d7d 100644
--- a/app/Policies/WebhookConfigurationPolicy.php
+++ b/app/Policies/Admin/WebhookConfigurationPolicy.php
@@ -1,6 +1,6 @@
 <?php
 
-namespace App\Policies;
+namespace App\Policies\Admin;
 
 class WebhookConfigurationPolicy
 {
diff --git a/app/Policies/DatabasePolicy.php b/app/Policies/DatabasePolicy.php
deleted file mode 100644
index ce54b9e64..000000000
--- a/app/Policies/DatabasePolicy.php
+++ /dev/null
@@ -1,10 +0,0 @@
-<?php
-
-namespace App\Policies;
-
-class DatabasePolicy
-{
-    use DefaultPolicies;
-
-    protected string $modelName = 'database';
-}
diff --git a/app/Policies/Server/ActivityLogPolicy.php b/app/Policies/Server/ActivityLogPolicy.php
new file mode 100644
index 000000000..f5b20c09b
--- /dev/null
+++ b/app/Policies/Server/ActivityLogPolicy.php
@@ -0,0 +1,21 @@
+<?php
+
+namespace App\Policies\Server;
+
+use App\Models\Permission;
+use Filament\Facades\Filament;
+
+class ActivityLogPolicy
+{
+    protected string $modelName = 'activityLog';
+
+    public static function viewAny(): bool
+    {
+        return user()?->can(Permission::ACTION_ACTIVITY_READ, Filament::getTenant());
+    }
+
+    public static function view(): bool
+    {
+        return user()?->can(Permission::ACTION_ACTIVITY_READ, Filament::getTenant());
+    }
+}
diff --git a/app/Policies/Server/AllocationPolicy.php b/app/Policies/Server/AllocationPolicy.php
new file mode 100644
index 000000000..5ed31568c
--- /dev/null
+++ b/app/Policies/Server/AllocationPolicy.php
@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Policies\Server;
+
+use App\Models\Permission;
+use Filament\Facades\Filament;
+use Illuminate\Database\Eloquent\Model;
+
+class AllocationPolicy
+{
+    protected string $modelName = 'allocation';
+
+    public static function viewAny(): bool
+    {
+        return user()?->can(Permission::ACTION_ALLOCATION_READ, Filament::getTenant());
+    }
+
+    public static function create(): bool
+    {
+        return user()?->can(Permission::ACTION_ALLOCATION_CREATE, Filament::getTenant());
+    }
+
+    public static function edit(Model $record): bool
+    {
+        return user()?->can(Permission::ACTION_ALLOCATION_UPDATE, Filament::getTenant());
+    }
+
+    public static function delete(Model $record): bool
+    {
+        return user()?->can(Permission::ACTION_ALLOCATION_DELETE, Filament::getTenant());
+    }
+}
diff --git a/app/Policies/Server/BackupPolicy.php b/app/Policies/Server/BackupPolicy.php
new file mode 100644
index 000000000..3dd5bf081
--- /dev/null
+++ b/app/Policies/Server/BackupPolicy.php
@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Policies\Server;
+
+use App\Models\Permission;
+use Filament\Facades\Filament;
+use Illuminate\Database\Eloquent\Model;
+
+class BackupPolicy
+{
+    protected string $modelName = 'backup';
+
+    public static function viewAny(): bool
+    {
+        return user()?->can(Permission::ACTION_BACKUP_READ, Filament::getTenant());
+    }
+
+    public static function create(): bool
+    {
+        return user()?->can(Permission::ACTION_BACKUP_CREATE, Filament::getTenant());
+    }
+
+    public static function delete(Model $record): bool
+    {
+        return user()?->can(Permission::ACTION_BACKUP_DELETE, Filament::getTenant());
+    }
+}
diff --git a/app/Policies/Server/DatabasePolicy.php b/app/Policies/Server/DatabasePolicy.php
new file mode 100644
index 000000000..cafd43113
--- /dev/null
+++ b/app/Policies/Server/DatabasePolicy.php
@@ -0,0 +1,37 @@
+<?php
+
+namespace App\Policies\Server;
+
+use App\Models\Permission;
+use Filament\Facades\Filament;
+use Illuminate\Database\Eloquent\Model;
+
+class DatabasePolicy
+{
+    protected string $modelName = 'database';
+
+    public static function viewAny(): bool
+    {
+        return user()?->can(Permission::ACTION_DATABASE_READ, Filament::getTenant());
+    }
+
+    public static function view(Model $record): bool
+    {
+        return user()?->can(Permission::ACTION_DATABASE_READ, Filament::getTenant());
+    }
+
+    public static function create(): bool
+    {
+        return user()?->can(Permission::ACTION_DATABASE_CREATE, Filament::getTenant());
+    }
+
+    public static function edit(Model $record): bool
+    {
+        return user()?->can(Permission::ACTION_DATABASE_UPDATE, Filament::getTenant());
+    }
+
+    public static function delete(Model $record): bool
+    {
+        return user()?->can(Permission::ACTION_DATABASE_DELETE, Filament::getTenant());
+    }
+}
diff --git a/app/Policies/Server/DefaultPolicies.php b/app/Policies/Server/DefaultPolicies.php
new file mode 100644
index 000000000..62b6c12f7
--- /dev/null
+++ b/app/Policies/Server/DefaultPolicies.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace App\Policies\Server;
+
+trait DefaultPolicies
+{
+    /**
+     * This is a horrendous hack to avoid Laravel's "smart" behavior that does
+     * not call the before() function if there isn't a function matching the
+     * policy permission.
+     */
+    public function __call(string $name, mixed $arguments): void
+    {
+        // do nothing
+    }
+}
diff --git a/app/Policies/Server/FilePolicy.php b/app/Policies/Server/FilePolicy.php
new file mode 100644
index 000000000..5a8737491
--- /dev/null
+++ b/app/Policies/Server/FilePolicy.php
@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Policies\Server;
+
+use App\Models\Permission;
+use Filament\Facades\Filament;
+use Illuminate\Database\Eloquent\Model;
+
+class FilePolicy
+{
+    protected string $modelName = 'file';
+
+    public static function viewAny(): bool
+    {
+        return user()?->can(Permission::ACTION_FILE_READ, Filament::getTenant());
+    }
+
+    public static function create(): bool
+    {
+        return user()?->can(Permission::ACTION_FILE_CREATE, Filament::getTenant());
+    }
+
+    public static function edit(Model $record): bool
+    {
+        return user()?->can(Permission::ACTION_FILE_UPDATE, Filament::getTenant());
+    }
+
+    public static function delete(Model $record): bool
+    {
+        return user()?->can(Permission::ACTION_FILE_DELETE, Filament::getTenant());
+    }
+}
diff --git a/app/Policies/Server/SchedulePolicy.php b/app/Policies/Server/SchedulePolicy.php
new file mode 100644
index 000000000..a18807b71
--- /dev/null
+++ b/app/Policies/Server/SchedulePolicy.php
@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Policies\Server;
+
+use App\Models\Permission;
+use Filament\Facades\Filament;
+use Illuminate\Database\Eloquent\Model;
+
+class SchedulePolicy
+{
+    protected string $modelName = 'schedule';
+
+    public static function viewAny(): bool
+    {
+        return user()?->can(Permission::ACTION_SCHEDULE_READ, Filament::getTenant());
+    }
+
+    public static function create(): bool
+    {
+        return user()?->can(Permission::ACTION_SCHEDULE_CREATE, Filament::getTenant());
+    }
+
+    public static function edit(Model $record): bool
+    {
+        return user()?->can(Permission::ACTION_SCHEDULE_UPDATE, Filament::getTenant());
+    }
+
+    public static function delete(Model $record): bool
+    {
+        return user()?->can(Permission::ACTION_SCHEDULE_DELETE, Filament::getTenant());
+    }
+}
diff --git a/app/Policies/ServerPolicy.php b/app/Policies/Server/ServerPolicies.php
similarity index 79%
rename from app/Policies/ServerPolicy.php
rename to app/Policies/Server/ServerPolicies.php
index d032405d7..374aac84c 100644
--- a/app/Policies/ServerPolicy.php
+++ b/app/Policies/Server/ServerPolicies.php
@@ -1,6 +1,6 @@
 <?php
 
-namespace App\Policies;
+namespace App\Policies\Server;
 
 use App\Models\Permission;
 use App\Models\Server;
@@ -43,14 +43,4 @@ class ServerPolicy
         // Return null to let default policies take over
         return null;
     }
-
-    /**
-     * This is a horrendous hack to avoid Laravel's "smart" behavior that does
-     * not call the before() function if there isn't a function matching the
-     * policy permission.
-     */
-    public function __call(string $name, mixed $arguments): void
-    {
-        // do nothing
-    }
 }
diff --git a/app/Policies/Server/UserPolicy.php b/app/Policies/Server/UserPolicy.php
new file mode 100644
index 000000000..d5971152e
--- /dev/null
+++ b/app/Policies/Server/UserPolicy.php
@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Policies\Server;
+
+use App\Models\Permission;
+use Filament\Facades\Filament;
+use Illuminate\Database\Eloquent\Model;
+
+class UserPolicy
+{
+    protected string $modelName = 'user';
+
+    public static function viewAny(): bool
+    {
+        return user()?->can(Permission::ACTION_USER_READ, Filament::getTenant());
+    }
+
+    public static function create(): bool
+    {
+        return user()?->can(Permission::ACTION_USER_CREATE, Filament::getTenant());
+    }
+
+    public static function edit(Model $record): bool
+    {
+        return user()?->can(Permission::ACTION_USER_UPDATE, Filament::getTenant());
+    }
+
+    public static function delete(Model $record): bool
+    {
+        return user()?->can(Permission::ACTION_USER_DELETE, Filament::getTenant());
+    }
+}
diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php
index 68b75514b..56064a87d 100644
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@@ -26,6 +26,7 @@ use App\Services\Helpers\SoftwareVersionService;
 use Dedoc\Scramble\Scramble;
 use Dedoc\Scramble\Support\Generator\OpenApi;
 use Dedoc\Scramble\Support\Generator\SecurityScheme;
+use Filament\Facades\Filament;
 use Filament\Forms\Components\Field;
 use Filament\Forms\Components\TextInput\Actions\CopyAction;
 use Filament\Support\Colors\Color;
@@ -169,8 +170,21 @@ class AppServiceProvider extends ServiceProvider
             ]);
         }
 
-        Gate::before(function (User $user, $ability) {
-            return $user->isRootAdmin() ? true : null;
+        Gate::before(fn (User $user, $ability) => $user->isRootAdmin() ? true : null);
+
+        Gate::guessPolicyNamesUsing(function (string $modelClass) {
+            $panelId = mb_ucfirst(Filament::getCurrentOrDefaultPanel()->getId());
+
+            if ($panelId === 'App') {
+                return;
+            }
+
+            $modelName = class_basename($modelClass);
+            $class = "App\\Policies\\{$panelId}\\{$modelName}Policy";
+
+            if (class_exists($class)) {
+                return $class;
+            }
         });
 
         AboutCommand::add('Pelican', [