Authorization

Gates, policies, and permission checks

Authorization checks if an authenticated user has permission to perform a specific action.

Simple closures that determine if a user can perform an action.

User
Gates
Action
Permission checks
Alice (owner)edit Post #1allowed
Bob (not owner)edit Post #1denied
PHP
Gate::define('update-post', function (User $user, Post $post) {
    return $user->id === $post->user_id;
});

if (Gate::allows('update-post', $post)) { ... }
Previous
12 / 20
Next