laravel:policies-and-authorization

📁 jpcaparas/superpowers-laravel 📅 Jan 21, 2026

总安装量

周安装量

#11393

全站排名

安装命令

npx skills add https://github.com/jpcaparas/superpowers-laravel --skill laravel:policies-and-authorization

Agent 安装分布

claude-code 14

gemini-cli 12

codex 10

github-copilot 9

antigravity 8

Skill 文档

Policies and Authorization

Use Policies for per-model actions; use Gates for cross-cutting checks.

Commands

# Generate a policy
sail artisan make:policy PostPolicy --model=Post   # or: php artisan make:policy PostPolicy --model=Post

# Apply in routes (resource controllers)
Route::resource('posts', PostController::class);
// In controller constructor
$this->authorizeResource(Post::class, 'post');

# One-off checks
$this->authorize('update', $post);           // in controller
Gate::allows('manage-billing', $user);       // ad-hoc gate

Patterns

Use resource policy methods: viewAny, view, create, update, delete, restore, forceDelete
Prefer policy methods over inline checks; keeps controllers clean
Register policies in AuthServiceProvider
Use can middleware for quick route protection: ->middleware('can:update,post')
In tests, assert actingAs($user)->get(...)->assertForbidden() for denied cases

GitHub 仓库 ↗ ← 返回陌讯 Skills 聚合平台