diff --git a/app/policies/synapse_policy.rb b/app/policies/synapse_policy.rb
new file mode 100644
index 00000000..7cd305bf
--- /dev/null
+++ b/app/policies/synapse_policy.rb
@@ -0,0 +1,25 @@
+class SynapsePolicy < ApplicationPolicy
+  class Scope < Scope
+    def resolve
+      scope.where('permission IN ("public", "commons") OR user_id = ?', user.id)
+    end
+  end
+
+  def create?
+    user.present?
+  end
+
+  def show?
+    #record.permission == 'commons' || record.permission == 'public' || record.user == user
+    true
+  end
+
+  def update?
+    #user.present? && (record.permission == 'commons' || record.user == user)
+    true
+  end
+
+  def destroy?
+    record.user == user || user.admin
+  end
+end