Level 14
- you don't have to create a policy for each model.
- multiple models can use some simple
BasePolicy. - policies can inherit from each other or use traits.
1 like
Sep 12, 2023
4
Level 1
Why use Policies?
I just want to know why should we use policies, I mean I have about 50 models in my application, if create a Policy for each model or even action I will end up with too many policies, while reading documentation, Laravel recommends using policies, but isn't that resulting in too many classes and code here to manage authorization.
Level 1
Thanks, your answer is good, but I still have confusion, I would still need to create some files even if Inherit each policy with a Base Policy or trait. while I can just create single middleware to check for permissions.
Level 14
@shahidnawaz middleware can check some general permission, while policies can authorize an action based on a record. A middleware would answer "Can the authenticated user access this event create/edit route?" while an EventPolicy would answer "Can this $user edit this particular $event?" and you would check if $user->is_admin || $user->id == $event->user_id or something like that. They solve different things and don't really overlap.
1 like
Level 122
depends if your app requires record level permissions? Only you can say that.
1 like
Please or to participate in this conversation.