Grant special priviliges to user in RBAC

I am using role based access control for authorization in an enterprise software. I created three classes: User, Role and Privilege. User has a many to many relationship with Role and Role has a many to many relationship with Privilege. One of the customer's requirements is to add special privileges to a specific user. For example User u has a Role called r and according to that, u can only call foo service. But I want to add privilege p so he can call bar service too, even though that his role does not allow him to call bar. Only solution that comes to my mind is that User has a many to many relationship with Privilege as well. But I don't think that is a good idea.