diff --git a/app/Conductors/EventConductor.php b/app/Conductors/EventConductor.php
index 68bc48c..a47bc9b 100644
--- a/app/Conductors/EventConductor.php
+++ b/app/Conductors/EventConductor.php
@@ -1,37 +1,92 @@ location == 'online') { - unset($model['address']); + /** + * Run a scope query on the collection before anything else. + * + * @param Builder $builder The builder in use. + * @return void + */ + public function scope(Builder $builder) + { + $user = auth()->user(); + if ($user === null || $user->has_permission('admin/events') === false) { + $builder + ->where('status', '!=', 'draft') + ->where('publish_at', '<=', now()); } - - return $model->toArray(); } - public static function viewable(Model $model) { + /** + * Return if the current model is visible. + * + * @param Model $model The model. + * @return boolean Allow model to be visible. + */ + public static function viewable(Model $model) + { + if (strtolower($model->status) === 'draft' || Carbon::parse($model->publish_at)->isFuture() === true) { + $user = auth()->user(); + if ($user === null || $user->has_permission('admin/events') === false) { + return false; + } + } + return true; } - public function includeYaw(Model $model) { - $model->yaw = 'YAW!!'; + /** + * Return if the current model is creatable. + * + * @return boolean Allow creating model. + */ + public static function creatable() + { + $user = auth()->user(); + return ($user !== null && $user->has_permission('admin/events') === true); } -} \ No newline at end of file + + /** + * Return if the current model is updatable. + * + * @param Model $model The model. + * @return boolean Allow updating model. + */ + public static function updatable(Model $model) + { + $user = auth()->user(); + return ($user !== null && $user->has_permission('admin/events') === true); + } + + /** + * Return if the current model is deletable. + * + * @param Model $model The model. + * @return boolean Allow deleting model. + */ + public static function deletable(Model $model) + { + $user = auth()->user(); + return ($user !== null && $user->has_permission('admin/events') === true); + } +} 
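Review bot: The permission checks in this hunk call `$user->has_permission('admin/events')`, while `MediaConductor::fields()` and the UserConductor changes later in this diff call `$user->hasPermission(...)`. The User model is not part of the diff, so unless it defines both spellings, one set of authorization checks will throw at runtime instead of returning a decision; the same snake_case call appears in the MediaConductor and PostConductor hunks. Use the spelling the model actually defines throughout, e.g. `if ($user === null || $user->hasPermission('admin/events') === false) {`. Separately, `scope()` compares `status` with `'draft'` as stored while `viewable()` lower-cases it first, so the list and single-item paths may disagree on mixed-case values depending on the column collation.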
diff --git a/app/Conductors/MediaConductor.php b/app/Conductors/MediaConductor.php
new file mode 100644
index 0000000..6ad3de8
--- /dev/null
+++ b/app/Conductors/MediaConductor.php
@@ -0,0 +1,109 @@ +user(); + if ($user === null || $user->hasPermission('admin/media') === false) { + $fields = arrayRemoveItem($fields, 'permission'); + } + + return $fields; + } + + /** + * Run a scope query on the collection before anything else. + * + * @param Builder $builder The builder in use. + * @return void + */ + public function scope(Builder $builder) + { + $user = auth()->user(); + if ($user === null) { + $builder->whereNull('permission'); + } else { + $builder->whereNull('permission')->orWhereIn('permission', $user->permissions); + } + } + + /** + * Return if the current model is visible. + * + * @param Model $model The model. + * @return boolean Allow model to be visible. + */ + public static function viewable(Model $model) + { + if ($model->permission !== null) { + $user = auth()->user(); + if ($user === null || $user->has_permission($model->permission) === false) { + return false; + } + } + + return true; + } + + /** + * Return if the current model is creatable. + * + * @return boolean Allow creating model. + */ + public static function creatable() + { + $user = auth()->user(); + return ($user !== null); + } + + /** + * Return if the current model is updatable. + * + * @param Model $model The model. + * @return boolean Allow updating model. + */ + public static function updatable(Model $model) + { + $user = auth()->user(); + return ($user !== null && (strcasecmp($model->user_id, $user->id) === 0 || $user->has_permission('admin/media') === true)); + } + + /** + * Return if the current model is deletable. + * + * @param Model $model The model. + * @return boolean Allow deleting model. + */ + public static function deletable(Model $model) + { + $user = auth()->user(); + return ($user !== null && ($model->user_id === $user->id || $user->has_permission('admin/media') === true)); + } +} diff --git a/app/Conductors/PostConductor.php b/app/Conductors/PostConductor.php new file mode 100644 index 0000000..63b4988 --- /dev/null 
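Review bot: In `scope()`, the logged-in branch `whereNull('permission')->orWhereIn('permission', $user->permissions)` adds an ungrouped OR at the top level of the query, so any other `where` placed on the same builder combines with only one side of it and the permission filter may no longer constrain every returned row. Wrap the pair in a closure so it stays a single condition: `$builder->where(function ($q) use ($user) { $q->whereNull('permission')->orWhereIn('permission', $user->permissions); });`. This also assumes `$user->permissions` is a flat list of permission strings, which the diff does not show. In the same file, `updatable()` compares owner ids with `strcasecmp` while `deletable()` uses `===`, which rejects the owner if one id is an int and the other a string; both should use the same comparison.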
+++ b/app/Conductors/PostConductor.php @@ -0,0 +1,91 @@ +user(); + if ($user === null || $user->has_permission('admin/posts') === false) { + $builder + ->where('publish_at', '<=', now()); + } + } + + /** + * Return if the current model is visible. + * + * @param Model $model The model. + * @return boolean Allow model to be visible. + */ + public static function viewable(Model $model) + { + if (Carbon::parse($model->publish_at)->isFuture() === true) { + $user = auth()->user(); + if ($user === null || $user->has_permission('admin/posts') === false) { + return false; + } + } + + return true; + } + + /** + * Return if the current model is creatable. + * + * @return boolean Allow creating model. + */ + public static function creatable() + { + $user = auth()->user(); + return ($user !== null && $user->has_permission('admin/posts') === true); + } + + /** + * Return if the current model is updatable. + * + * @param Model $model The model. + * @return boolean Allow updating model. + */ + public static function updatable(Model $model) + { + $user = auth()->user(); + return ($user !== null && $user->has_permission('admin/posts') === true); + } + + /** + * Return if the current model is deletable. + * + * @param Model $model The model. + * @return boolean Allow deleting model. + */ + public static function deletable(Model $model) + { + $user = auth()->user(); + return ($user !== null && $user->has_permission('admin/posts') === true); + } +} diff --git a/app/Conductors/SubscriptionConductor.php b/app/Conductors/SubscriptionConductor.php new file mode 100644 index 0000000..d121a4f --- /dev/null +++ b/app/Conductors/SubscriptionConductor.php 
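Review bot: `viewable()` relies only on `Carbon::parse($model->publish_at)->isFuture()`, and Carbon parses a null or empty value as the current time, so a post with no `publish_at` would be treated as already published and visible to anonymous users, while `scope()` (`publish_at <= now()`) leaves such rows out of listings. If `publish_at` can be null (the schema is not in this diff), treat it as unpublished: `if ($model->publish_at === null || Carbon::parse($model->publish_at)->isFuture() === true) {`. `EventConductor::viewable()` has the same parse, though there the draft status check still applies.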
@@ -0,0 +1,12 @@ +user(); - - if($user === null || $user->hasPermission('admin/users') === false) { + if ($user === null || $user->hasPermission('admin/users') === false) { return ['id', 'username']; } return parent::fields($model); } - public function transform(Model $model) { + /** + * Transform the passed Model to an array + * + * @param Model $model The model to transform. + * @return array The transformed model. + */ + public function transform(Model $model) + { $user = auth()->user(); $data = $model->toArray(); - if($user === null || strcasecmp($user->id, $model->id) !== 0) { + if ($user === null || strcasecmp($user->id, $model->id) !== 0) { $fields = ['id', 'username']; - $data = array_intersect_key($data, array_flip($fields)); + $data = arrayOnlyItems($data, $fields); } - + return $data; } - public static function viewable(Model $model) { - return true; - } - - public static function updatable(Model $model) { + /** + * Return if the current model is updatable. + * + * @param Model $model The model. + * @return boolean Allow updating model. + */ + public static function updatable(Model $model) + { $user = auth()->user(); - - if($user !== null) { - return $user->hasPermission('admin/users') === true || strcasecmp($user->id, $model->id) === 0; + if ($user !== null) { + return ($user->hasPermission('admin/users') === true || strcasecmp($user->id, $model->id) === 0); } return false; } - public static function destroyable(Model $model) { + /** + * Return if the current model is deletable. + * + * @param Model $model The model. + * @return boolean Allow deleting model. + */ + public static function destroyable(Model $model) + { $user = auth()->user(); - return $user !== null && $user->hasPermission('admin/users') === true; + return ($user !== null && $user->hasPermission('admin/users') === true); } -} \ No newline at end of file +}
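Review bot: `transform()` strips every field except `id` and `username` unless the caller is the user being viewed, and it never checks `admin/users`, whereas `fields()` returns the full field list to holders of that permission. As written, an admin viewing another account would receive only the two public fields; if that is not intended, make the condition match `fields()`: `if ($user === null || ($user->hasPermission('admin/users') === false && strcasecmp($user->id, $model->id) !== 0)) {`. If it is intended, a one-line comment in `transform()` such as `// Admins are deliberately limited to public fields here; only the account owner sees the rest.` would stop the restriction being loosened by accident. The header of this file's hunk is missing from the page, so this is based on the visible lines only.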