Gatefacade is available to easily manipulate gates.
boot()method of your service provider.
has()which is returning a boolean:
any()return a boolean indicating if user is authorized
authorize()does not return a boolean but will raise an
AuthorizationExceptionexception instead that will be rendered as an HTTP response with a 403 status code.
Authorizesclass can be added to your User model to allow quick permission checks:
for_user()method on the Gate facade to make the verification against a given user instead of the authenticated user.
afterhooks can be triggered.
beforehook can be added like this:
afterhook works the same way:
aftercallback is returning a value it will take priority over the gate result check.
Gatefacade methods to authorize actions defined in your policies. With the previously defined
PostPolicywe could make the following calls:
view_any()methods do not take a model instance, that is why the model class should be provided so that Gate mechanism can infer from which policy those methods are belonging to.