Laravel Policies

Simple tutorial for using Laravel Policies to control what your users can and cannot do.

Laravel Policies

Learn how to write a Laravel Policy to control what your users can and cannot do. In this tutorial, you will learn:

  1. What a Laravel Policy is
  2. How to create a Laravel Policy

What is a Laravel Policy?

A Laravel Policy is used when you would like to place authorization logic around a specific model or resource.

How to Create a Laravel Policy

  1. From the terminal, type in:
    php artisan make:policy PostPolicy --model=Post
  2. Go to: app/provider/authserviceprovider.php and add the lines:
    use App\Post; 
    use App\Policies\PostPolicy;
    protected $policies = [
            Post::class => PostPolicy::class,
        ];
  3. From within your App\Policies\PostPolicy.php file, add the lines:
    public function update(User $user, Post $post)
    {
    return $user->id === $post->user_id;
    }