Tutorial by Examples

Gates are closures that determine if a user is allowed to perform a certain action on a resource. Gates are typically defined in the boot method of AuthServiceProvider and succinctly named to reflect what it's doing. An example of a gate that allows only premium users to view some content will look ...

To use the example above on a blade template to hide content from the user, you would typically do something like this: @can('view-content', $content) <! -- content here --> @endcan To completely prevent navigation to the content, you can do the following in your controller: if(Gate::a...

Policies are classes that help you organise authorisation logic around a model resource. Using our previous example, we might have a ContentPolicy that manages user access to the Content model. To make ContentPolicy, laravel provides an artisan command. Simply run php artisan make:policy ContentPo...

Writing Policies follows much the same pattern as writing Gates. The content permission gate can be rewritten as a Policy like this: function view($user, $content) { return $user->isSubscribedTo($content->id); } Policies can contain more methods as needed to take care of all authori...

Via The User model The Laravel User model contains two methods that help with authorisations using Policies; can and can't. These two can be used to determine if a user has authorisation or not on a model respectively. To check if a user can view a content or not, you can do the following: if($us...