Super Admin Gate Not Working On Middleware Route

[CyberPunkCodes]

I don't know if this is an intended behavior or not, but it seems to not match up to what I expected.

I expected that defining a "Super Admin Gate" would override everything. It doesn't seem to be the case.

I defined a "root" gate in AuthServiceProvider, instead of "super admin". Same thing, different name lol.

public function boot(): void
{
    // not sure if this is needed?
    //$this->registerPolicies();

    Gate::before(function ($user, $ability) {
        return $user->hasRole('root') ? true : null;
    });
}

Notice I have registerPolicies() commented out. I tried both ways, commented and uncommented. The docs mention Laravel 6, and Laravel 10 didn't have registerPolicies() in the boot method. So it was unclear if this was an old default line from Laravel, old from this package, or if we were supposed to add it as well.. Maybe the docs could be clearer here, but minor detail. It doesn't seem to make any difference, at least on Laravel 10.

So, I now should have a global root access role without specifically checking for the root role anywhere.

However, that doesn't seem to be the case. At least with route middlewares.

In web.php:

Route::middleware([
    'role:super_admin|admin'
])->group(function () {

        Route::get('/test', [TestController::class, 'test']);
    
});

So now, I expect that my user with the root role assigned should be able to access /test. However, I get 403 | USER DOES NOT HAVE THE RIGHT ROLES. Why not? He should be let through everywhere globally from the Gate check in AuthServiceProvider?!

Obviously, if I add root to the middleware list, ie: 'role:root|super_admin|admin', it works. I didn't expect to also have to define root here.

Is this the intended behavior? Is the AuthServiceProvider Gate check only for checking against permissions like @can and not roles?

[erikn69]

Is this the intended behavior?

Yes, it is, i try to fix that on 9384223, but that change was not accepted

Try role_or_permission middleware instead

---

// not sure if this is needed?
//$this->registerPolicies();

ba5a7be

[CyberPunkCodes]

Thanks for your reply. It would be nice if these things were at least documented then.

[ami-hp]

This Issue was fixed months ago. Yet it's not included in your latest release which was released last week.
in Addition :
it Still doesn't work on blade directives such as @ROLE()
for example if I have a Super-Admin role I still can't see the content in
@role('admin') content @endrole

[erikn69]

It is not an issue, and there is no fix

Is this the intended behavior?
Yes,

[erikn69]

@hasanyrole(['admin', 'Super-Admin']) content @hasanyrole

Or make your custom directive including 'Super-Admin'

laravel-permission/src/PermissionServiceProvider.php

Lines 129 to 130 in 905be9d

	$bladeCompiler->directive('hasanyrole', fn ($args) => "<?php if({$bladeMethodWrapper}('hasAnyRole', {$args})): ?>");
	$bladeCompiler->directive('endhasanyrole', fn () => '<?php endif; ?>');

[ami-hp]

if I wanted to add a role to it , It wouldn't make sense to create a "super" admin. would it? it's in the name

[parallels999]

This package doesn't support "super" admins, it's just a gate rule for laravel can, canAny, feel free to make any customization as you need