Policies are classes that help you organise authorisation logic around a model resource. Using our previous example, we might have a
ContentPolicy that manages user access to the
ContentPolicy, laravel provides an artisan command. Simply run
php artisan make:policy ContentPolicy
This will make an empty policy class and place in
app/Policies folder. If the folder does not exist, Laravel will create it and place the class inside.
Once created, policies need to be registered to help Laravel know which policies to use when authorising actions on models. Laravel's
AuthServiceProvider, which comes with all fresh Laravel installations, has a policies property which maps your eloquent models to their authorisation policies. All you need to do add the mapping to the array.
protected $policies = [ Content::class => ContentPolicy::class, ];