Search code examples
laravelpolicy

Laravel Policies - $this->authorize not working


Task policy:

class TaskPolicy
{
    use HandlesAuthorization;

    public function canSeeTeam()
    {
        return true;
    }
}

AuthServiceProvider:

class AuthServiceProvider extends ServiceProvider
{
    protected $policies = [
        'App\Models\Task' => 'App\Policies\TaskPolicy',
    ];

Task controller:

public function update(Request $request, Task $task)
    {      
        $this->authorize('canSeeTeam');
        dd('Authorized!');
    }

Instead of getting Authorized! I get:

"message": "This action is unauthorized.", "exception": "Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException",

I'm logged in, and have access to the team, not it matters because canSeeTeam always true.


Solution

  • You also have to pass the task object to the authorize method:

    $this->authorize('canSeeTeam', $task);