Hi Jay, If all the permissions are easy to specify and similar, e.g. all students can see information for their own enrolled courses, then use your own model.
If all the permissions might be different and set on an individual basis with many exceptions and complications, then auth is built for that. In which case you may as well leverage the auth model to get your fine-grained control. Just be wary that sometimes what starts out easy can soon become more complicated than you'd imagined, so it's well worth giving it some thought before you choose (as you are). -D
