Laravel Authorization Using Gates


Gates are closures that determine if a user is allowed to perform a certain action on a resource. Gates are typically defined in the boot method of AuthServiceProvider and succinctly named to reflect what it's doing. An example of a gate that allows only premium users to view some content will look like this:

Gate::define('view-content', function ($user, $content){
    return $user->isSubscribedTo($content->id);

A Gate always receives a user instance as the first argument, you don't need to pass it when using the gate, and may optionally receive additional arguments such as the eloquent model in concern.