Laravel - how to authorize certain action?

0

I have a small application written with Laravel 5.3, at some point I check to see if the logged in user is allowed to edit / change or delete a certain post:

if(!$post = Auth::user()->posts()->where('id', $id)->first()) {
    return redirect()->route('post.index')
            ->with(['status' => 'danger', 'mensagem' => 'Este post não te pertence!']);
}

How can I create a policy and use it so that the admin (super admin) and the owner of the post are the only ones to have permission on the post?

    
asked by anonymous 19.12.2016 / 13:03

0 answers