Adding Gates and Policies

In the previous lesson, we separated all the MVC files for each role. Now, let's look at the opposite example.

What if you want to have the same set of routes/controllers/views for all roles, just control who can access what inside the code itself?

Imagine a list of tasks everyone sees, but only admins can see the button to create a new task.

So, let's explore this example step-by-step.

By the end of this lesson, our repository will have THESE tests passing:

Initial Project: Task Management + users.is_admin

The starting point would be similar to the project from the first lesson.

• Laravel Breeze
• Task model/migration
• Added users.is_admin boolean column

Controller, Route and Navigation

We will have one common Controller for both admins and regular users.

php artisan make:controller TaskController

Fill it in with the list:

app/Http/Controllers/TaskController.php:

namespace App\Http\Controllers;
 
use App\Models\Task;
use Illuminate\View\View;
 
class TaskController extends Controller
{
    public function index(): View
    {
        $tasks = Task::with('user')->get();
 
        return view('tasks.index', compact('tasks'));
    }
}

Finally, let's add the Route, assigning the Resource right away for all the future Tasks CRUD methods.

routes/web.php:

use App\Http\Controllers\TaskController; 
 
Route::middleware('auth')->group(function () {
    // ... Breeze default routes
 
    Route::resource('tasks', TaskController::class); 
});

The final thing is to add the link to that route. In the Breeze navigation file, we need to add...