> laravel-policies-and-authorization
Enforce access via Policies and Gates; use authorize() and authorizeResource() to standardize controller protections
fetch
$
curl "https://skillshub.wtf/noartem/skills/laravel-policies-and-authorization?format=md"SKILL.md•laravel-policies-and-authorization
Policies and Authorization
Use Policies for per-model actions; use Gates for cross-cutting checks.
Commands
# Generate a policy
sail artisan make:policy PostPolicy --model=Post # or: php artisan make:policy PostPolicy --model=Post
# Apply in routes (resource controllers)
Route::resource('posts', PostController::class);
// In controller constructor
$this->authorizeResource(Post::class, 'post');
# One-off checks
$this->authorize('update', $post); // in controller
Gate::allows('manage-billing', $user); // ad-hoc gate
Patterns
- Use resource policy methods:
viewAny, view, create, update, delete, restore, forceDelete - Prefer policy methods over inline checks; keeps controllers clean
- Register policies in
AuthServiceProvider - Use
canmiddleware for quick route protection:->middleware('can:update,post') - In tests, assert
actingAs($user)->get(...)->assertForbidden()for denied cases
> related_skills --same-repo
> vue3-component-decomposition
Decompose large Vue 3 components into focused SFCs and composables with explicit contracts, simple templates, and SSR-safe side effects.
> shadcn-vue
shadcn-vue for Vue/Nuxt with Reka UI components and Tailwind. Use for accessible UI, Auto Form, data tables, charts, dark mode, MCP server setup, or encountering component imports, Reka UI errors.
> laravel-transactions-and-consistency
Wrap multi-write operations in transactions; use dispatchAfterCommit and idempotency patterns to ensure consistency
> laravel-template-method-and-plugins
Stabilize workflows with Template Method or Strategy; extend by adding new classes instead of editing core logic
┌ stats
installs/wk0
░░░░░░░░░░github stars6
█░░░░░░░░░first seenMar 17, 2026
└────────────