-
app/Policies/PostPolicy.php
<?php

namespace App\Policies;

use App\Models\Post;
use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;

/**
 * Authorization policy for Post models.
 *
 * Both abilities are decided solely by $user->isAdmin(). The Post instance is
 * accepted but never inspected, so the decision does not depend on which post
 * is targeted or on who authored it.
 */
class PostPolicy
{
    /**
     * Decide whether the user may update the given post.
     *
     * @param User $user the user being authorized
     * @param Post $post the target post (not consulted by this rule)
     * @return bool the value returned by $user->isAdmin()
     */
    public function update(User $user, Post $post): bool
    {
        $isAdmin = $user->isAdmin();

        return $isAdmin;
    }

    /**
     * Decide whether the user may delete the given post.
     *
     * @param User $user the user being authorized
     * @param Post $post the target post (not consulted by this rule)
     * @return bool the value returned by $user->isAdmin()
     */
    public function delete(User $user, Post $post): bool
    {
        $isAdmin = $user->isAdmin();

        return $isAdmin;
    }
}
-
app/Http/Controllers/Api/V1/PostController.php
use App\Http\Controllers\Controller;
use App\Http\Requests\Admin\PostsRequest;
use App\Http\Resources\Post as PostResource;
use App\Models\Post;
use Illuminate\Http\Request;
use Illuminate\Http\Response;

/**
 * API controller exposing update and delete operations on posts.
 *
 * Each action calls authorize() with an ability name and the bound Post
 * before it touches the model. The abilities are presumably resolved to
 * PostPolicy::update / PostPolicy::delete; the policy registration is not
 * shown here, so confirm the mapping.
 */
class PostController extends Controller
{
    /**
     * Update a post from the request input and return it as an API resource.
     *
     * NOTE(review): only() reads from the request input, not from the
     * validated data set. Whether every allowlisted key has a validation rule
     * depends on PostsRequest, which is not shown here; verify.
     * NOTE(review): author_id is on the allowlist, so any caller that passes
     * the 'update' check can reassign a post's author.
     * NOTE(review): PostsRequest is presumably a form request that the
     * framework validates before this method body runs, in which case the
     * policy check below happens after validation; confirm.
     *
     * @param PostsRequest $request incoming request carrying the new field values
     * @param Post $post the post bound from the route
     * @return PostResource resource wrapping the updated post
     */
    public function update(PostsRequest $request, Post $post): PostResource
    {
        // Policy gate first: nothing is written unless 'update' is granted for this post.
        $this->authorize('update', $post);

        // Explicit allowlist of writable fields; request keys outside it are not passed on.
        $writableFields = ['title', 'content', 'posted_at', 'author_id', 'thumbnail_id'];
        $attributes = $request->only($writableFields);

        $post->update($attributes);

        return new PostResource($post);
    }

    /**
     * Delete a post and answer with an empty response.
     *
     * @param Post $post the post bound from the route
     * @return Response the response produced by response()->noContent()
     */
    public function destroy(Post $post): Response
    {
        // Policy gate first: the model is only deleted once 'delete' is granted for this post.
        $this->authorize('delete', $post);

        $post->delete();

        $emptyResponse = response()->noContent();

        return $emptyResponse;
    }
}