Issue with Laravel Policy

  laravel

I am using laravel policies to authenticate user actions on an application backend which was built using laravel nova. I am also using spatie permissions and roles package https://spatie.be/docs/laravel-permission/v3/introduction in this project.

I have a UserTransactionPolicy which allows users with certain roles view a user’s transactions and only those with a certain permission.

public function viewAny(User $user)
{
    return $user->hasRole('admin');
}

public function view(User $user, UserTransaction $userTransaction)
{
    return $user->hasRole('admin');
}

public function create(User $user)
{
    return $user->hasPermissionTo('create');
}

In AuthServiceProvider I have registered the policy along with other in $policies array like this

// other policies
'AppModelsUserTransaction'    => 'AppPoliciesUserTransactionPolicy',
// more policies

On nova the authenticated user has admin role and permission to create and the first two policies work just fine but the create policy keeps throwing error

Sorry! You are not authorized to perform this action

The first two policies to view were added long ago and the create policy was only added today. So I commented out the policy in AuthServiceProvider to be sure that the new changes are actually taking effect but to my surprise, I still get the same error even though now I see all nova action buttons.

Is there a way to refresh the policy list just incase is some issue with caching? Or is there something I haven’t done right?

Source: Laravel

Leave a Reply