Gates, policies, and the #[Can] attribute -- control who can do what with expressive, testable authorization checks.
composer require marko/authorizationuse Marko\Authorization\Contracts\GateInterface;
// Define an ability
$gate->define(
'edit-settings',
fn (?AuthorizableInterface $user) => $user?->can('admin', true) ?? false,
);
// Check it
$gate->authorize('edit-settings');Full usage, API reference, and examples: marko/authorization