use Azuriom\Models\Comment;use Azuriom\Models\User;use Illuminate\Auth\Access\HandlesAuthorization; class CommentPolicy{ use HandlesAuthorization; public function create(User $user): bool { return $user->can('comments.create'); } public function delete(User $user, Comment $comment): bool { return $user->is($comment->author) || $user->can('comments.delete.other'); }}use Azuriom\Models\User;use Illuminate\Support\Facades\Gate; class AppServiceProvider extends ServiceProvider{ // ... public function boot(): void { // ... Gate::before(function (User $user, string $ability, array $arguments) { if ($user->isAdmin()) { return true; } if (empty($arguments)) { return $user->role->hasRawPermission($ability); } }); }}class PostCommentController extends Controller{ public function __construct() { $this->authorizeResource(Comment::class); } // ...}use Illuminate\Foundation\Auth\Access\AuthorizesRequests;use Illuminate\Foundation\Validation\ValidatesRequests;use Illuminate\Routing\Controller as BaseController; abstract class Controller extends BaseController{ use AuthorizesRequests; use ValidatesRequests;}