-
app/Policies/CommentPolicy.php
use App\Comment;
use App\User;
use Illuminate\Auth\Access\HandlesAuthorization;

/**
 * Authorization rules for actions on a single comment.
 *
 * Both abilities are decided from the comment's own discussion and that
 * discussion's group, never from any group or discussion supplied by the caller.
 */
class CommentPolicy
{
    /**
     * Decide whether $user may delete $comment.
     *
     * Granted when the user is an admin of the group that owns the comment's
     * discussion, or when the user's id matches the comment's user_id.
     *
     * @param  User  $user
     * @param  Comment  $comment
     * @return bool
     */
    public function delete(User $user, Comment $comment)
    {
        $owningGroup = $comment->discussion->group;

        // NOTE(review): the ownership test is a strict comparison, so it only
        // passes when id and user_id have the same type. If user_id can come
        // back from the database as a string, this fails closed (owner denied).
        // Confirm the casts on the Comment model.
        return $user->isAdminOf($owningGroup) || $user->id === $comment->user_id;
    }

    /**
     * Decide whether $user may view the edit history of $comment.
     *
     * Granted to members of the group that owns the comment's discussion.
     *
     * @param  User  $user
     * @param  Comment  $comment
     * @return mixed whatever User::isMemberOf() returns (presumably a bool; confirm)
     */
    public function history(User $user, Comment $comment)
    {
        $owningGroup = $comment->discussion->group;

        return $user->isMemberOf($owningGroup);
    }
}
-
app/Http/Controllers/CommentController.php
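use App\Comment;
use App\Discussion;
use App\Group;
use Illuminate\Http\Request;

/**
 * Renders the delete-confirmation and history pages for a comment.
 *
 * Both actions receive a group, a discussion and a comment as separate
 * parameters, but authorization is evaluated against the comment alone.
 * Each action therefore also verifies that the three models belong together
 * before any of them is handed to a view.
 */
class CommentController extends Controller
{
    /**
     * Show the confirmation page for deleting a comment.
     *
     * @param  Request  $request
     * @param  Group  $group
     * @param  Discussion  $discussion
     * @param  Comment  $comment
     * @return mixed the 'comments.delete' view
     */
    public function destroyConfirm(Request $request, Group $group, Discussion $discussion, Comment $comment)
    {
        // Authorize first so an unauthorized caller always gets the
        // authorization failure and cannot tell a mismatched URL from a valid one.
        $this->authorize('delete', $comment);
        $this->ensureCommentHierarchy($group, $discussion, $comment);

        return view('comments.delete')
            ->with('discussion', $discussion)
            ->with('group', $group)
            ->with('comment', $comment)
            ->with('tab', 'discussion');
    }

    /**
     * Show the edit history of a comment.
     *
     * @param  Request  $request
     * @param  Group  $group
     * @param  Discussion  $discussion
     * @param  Comment  $comment
     * @return mixed the 'comments.history' view
     */
    public function history(Request $request, Group $group, Discussion $discussion, Comment $comment)
    {
        $this->authorize('history', $comment);
        $this->ensureCommentHierarchy($group, $discussion, $comment);

        return view('comments.history')
            ->with('group', $group)
            ->with('discussion', $discussion)
            ->with('comment', $comment)
            ->with('tab', 'discussion');
    }

    /**
     * Abort with 404 unless $comment belongs to $discussion and that
     * discussion belongs to $group.
     *
     * The 'delete' and 'history' abilities are checked against $comment only,
     * so without this guard a caller who is authorized for one comment could
     * pair it with an unrelated group or discussion and have those models
     * passed to the view.
     *
     * @param  Group  $group
     * @param  Discussion  $discussion
     * @param  Comment  $comment
     * @return void
     */
    private function ensureCommentHierarchy(Group $group, Discussion $discussion, Comment $comment)
    {
        $owningDiscussion = $comment->discussion;
        $owningGroup = $owningDiscussion !== null ? $owningDiscussion->group : null;

        // Keys are compared as strings so an int/string difference between
        // database drivers cannot cause a false mismatch.
        $consistent = $owningDiscussion !== null
            && $owningGroup !== null
            && (string) $owningDiscussion->getKey() === (string) $discussion->getKey()
            && (string) $owningGroup->getKey() === (string) $group->getKey();

        if (! $consistent) {
            abort(404);
        }
    }
}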