Issue in Policies

[greatsami]

Hi all,
I have an issue with the policies, I created 4 roles (owner, admin, supervisor, and user)
as you see in the image top left App/Providers/AuthServiceProvider.php
I defined Gate::before to allow the owner and admin to access all admin pages.

in the Backup module I created Module/Backup/App/Providers/AuthServiceProvider.php as bottom left page and defined Backup policy, and add it to register it as it is appears in the top right page in BackupServiceProvider.php

and defined the policies as bottom right page BackupPolicy.php

The problem in this case supervisor cant access backup page as per his permissions, but if I comment Gate::before the supervisor can access his permissions but the owner and admin can not.

Note Before I create the Backup module the permissions and policies was worked fine.

How to solve this issue?

[hnasiry]

The issue occurs because your Gate::before() method returns a boolean value instead of null. When Gate::before() returns a boolean, Laravel stops checking other policies.

To ensure Laravel continues checking policies when the user does not have the specified roles, you should return null. Here’s the corrected code:

Gate::before(function ($user, $ability) {
    return $user->hasRole(['owner', 'admin']) ? true : null;
});