diff --git a/app/Models/Permission.php b/app/Models/Permission.php
index 008473f3c..391f5e8d2 100644
--- a/app/Models/Permission.php
+++ b/app/Models/Permission.php
@@ -42,22 +42,35 @@ class Permission extends Model
      */
     protected $guarded = ['id', 'created_at', 'updated_at'];
 
-     /**
-      * Cast values to correct type.
-      *
-      * @var array
-      */
-     protected $casts = [
-         'user_id' => 'integer',
-         'server_id' => 'integer',
-     ];
+    /**
+     * Cast values to correct type.
+     *
+     * @var array
+     */
+    protected $casts = [
+        'subuser_id' => 'integer',
+    ];
 
+    /**
+     * Find permission by permission node.
+     *
+     * @param  \Illuminate\Database\Query\Builder $query
+     * @param  string                             $permission
+     * @return \Illuminate\Database\Query\Builder
+     */
     public function scopePermission($query, $permission)
     {
         return $query->where('permission', $permission);
     }
 
-    public function scopeServer($query, $server)
+    /**
+     * Filter permission by server.
+     *
+     * @param  \Illuminate\Database\Query\Builder $query
+     * @param  \Pterodactyl\Models\Server         $server
+     * @return \Illuminate\Database\Query\Builder
+     */
+    public function scopeServer($query, Server $server)
     {
         return $query->where('server_id', $server->id);
     }
diff --git a/app/Models/Subuser.php b/app/Models/Subuser.php
index 826995d0c..6d390df95 100644
--- a/app/Models/Subuser.php
+++ b/app/Models/Subuser.php
@@ -79,4 +79,14 @@ class Subuser extends Model
     {
         return $this->belongsTo(User::class);
     }
+
+    /**
+     * Gets the permissions associated with a subuser.
+     *
+     * @return \Illuminate\Database\Eloquent\Relations\HasMany
+     */
+    public function permissions()
+    {
+        return $this->hasMany(Pemission::class);
+    }
 }
diff --git a/app/Models/User.php b/app/Models/User.php
index 6d1bfa19b..abcddf227 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -199,11 +199,11 @@ class User extends Model implements AuthenticatableContract, AuthorizableContrac
     /**
      * Returns all permissions that a user has.
      *
-     * @return \Illuminate\Database\Eloquent\Relations\HasMany
+     * @return \Illuminate\Database\Eloquent\Relations\HasManyThrough
      */
     public function permissions()
     {
-        return $this->hasMany(Permission::class);
+        return $this->hasManyThrough(Permission::class, Subuser::class);
     }
 
     /**
diff --git a/app/Policies/ServerPolicy.php b/app/Policies/ServerPolicy.php
index 3ef54f436..d67f3aced 100644
--- a/app/Policies/ServerPolicy.php
+++ b/app/Policies/ServerPolicy.php
@@ -39,6 +39,23 @@ class ServerPolicy
         //
     }
 
+    /**
+     * Checks if the user has the given permission on/for the server.
+     *
+     * @param \Pterodactyl\Models\User   $user
+     * @param \Pterodactyl\Models\Server $server
+     * @param $permission
+     * @return bool
+     */
+    private function checkPermission(User $user, Server $server, $permission)
+    {
+        if ($this->isOwner($user, $server)) {
+            return true;
+        }
+
+        return $user->permissions()->server($server)->permission($permission)->exists();
+    }
+
     /**
      * Determine if current user is the owner of a server.
      *
@@ -521,21 +538,4 @@ class ServerPolicy
     {
         return $this->checkPermission($user, $server, 'set-allocation');
     }
-
-    /**
-     * Checks if the user has the given permission on/for the server.
-     *
-     * @param \Pterodactyl\Models\User   $user
-     * @param \Pterodactyl\Models\Server $server
-     * @param $permission
-     * @return bool
-     */
-    private function checkPermission(User $user, Server $server, $permission)
-    {
-        if ($this->isOwner($user, $server)) {
-            return true;
-        }
-
-        return $user->permissions()->server($server)->permission($permission)->exists();
-    }
 }
diff --git a/database/migrations/2017_02_09_174834_SetupPermissionsPivotTable.php b/database/migrations/2017_02_09_174834_SetupPermissionsPivotTable.php
new file mode 100644
index 000000000..fe87c4f77
--- /dev/null
+++ b/database/migrations/2017_02_09_174834_SetupPermissionsPivotTable.php
@@ -0,0 +1,72 @@
+<?php
+
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+use Pterodactyl\Models\Subuser;
+use Pterodactyl\Models\Permission;
+
+class SetupPermissionsPivotTable extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('permissions', function (Blueprint $table) {
+            $table->unsignedInteger('subuser_id')->after('id');
+        });
+
+        DB::transaction(function () {
+            foreach(Subuser::all() as &$subuser) {
+                Permission::where('user_id', $subuser->user_id)->where('server_id', $subuser->server_id)->update([
+                    'subuser_id' => $subuser->id,
+                ]);
+            }
+        });
+
+        Schema::table('permissions', function (Blueprint $table) {
+            $table->dropForeign('permissions_server_id_foreign');
+            $table->dropIndex('permissions_server_id_foreign');
+            $table->dropForeign('permissions_user_id_foreign');
+            $table->dropIndex('permissions_user_id_foreign');
+
+            $table->dropColumn('server_id');
+            $table->dropColumn('user_id');
+            $table->foreign('subuser_id')->references('id')->on('subusers');
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('permissions', function (Blueprint $table) {
+            $table->unsignedInteger('server_id')->after('subuser_id');
+            $table->unsignedInteger('user_id')->after('server_id');
+        });
+
+        DB::transaction(function () {
+            foreach(Subuser::all() as &$subuser) {
+                Permission::where('subuser_id', $subuser->id)->update([
+                    'user_id' => $subuser->user_id,
+                    'server_id' => $subuser->server_id,
+                ]);
+            }
+        });
+
+        Schema::table('permissions', function (Blueprint $table) {
+            $table->dropForeign('permissions_subuser_id_foreign');
+            $table->dropIndex('permissions_subuser_id_foreign');
+            $table->dropColumn('subuser_id');
+
+            $table->foreign('server_id')->references('id')->on('servers');
+            $table->foreign('user_id')->references('id')->on('users');
+        });
+    }
+}