Permissioning Model For Strapi

I’m currently using Ghost CMS which works great for my use case but I am running into some limitations and wanted to see if moving to using Strapi would be fix my current issues.

I’d like to have a more robust permissioning model where I design the data model to have a set of “Tags” or “Categories” that a certain user can have access to.

For example:

UserA has write access to Linux but can’t write to announcements.
UserB is an author in Linux and announcements but can’t publish anything.

Also, is it possible to limit the user’s rights based on SSO data? For example, automatic elevating rights based on domain and such?

Thank you for your time and help. Much appreciated.