conflict with permissions and custom policies

[cesarZaabra]

I am currently using Laravel-permission for access management in my Laravel project, but I have a problem, I need to generate a "SuperAdmin" user that consists of passing all access permissions but I also have registered policies that validate other factors

My problem is that I need the user to pass all the permissions of Laravel-permission but to respect the custom policies that were generated.

[parallels999]

Hi, you do not offer the necessary information to review

laravel-permission/.github/ISSUE_TEMPLATE/bug_report.md

Lines 11 to 42 in c7e0eb2

	Please check if there isn't a similar issue on [the issue tracker](https://github.com/spatie/laravel-permission/issues) or in [the discussions](https://github.com/spatie/laravel-permission/discussions).
	**Describe the bug**
	A clear and concise description of what the bug is.
	**Versions**
	You can use `composer show` to get the version numbers of:
	- spatie/laravel-permission package version:
	- illuminate/framework package
	PHP version:
	Database version:
	**To Reproduce**
	Steps to reproduce the behavior:
	Here is my example code and/or tests showing the problem in my app:
	**Example Application**
	Here is a link to my Github repo containing a minimal Laravel application which shows my problem:
	**Expected behavior**
	A clear and concise description of what you expected to happen.
	**Additional context**
	Add any other context about the problem here.
	**Environment (please complete the following information, because it helps us investigate better):**
	- OS: [e.g. macOS]
	- Version [e.g. 22]

[cesarZaabra]

Hi.

My permissions with laravel-permission are

• post create
• post edit
• post-show

and I have a policy created

namespace App\Policies;
use App\Models\Post;
use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;
class PostPolicy
{
    use HandlesAuthorization;
    /**
     * @param User $user
     * @param Post $post
     * @return bool
     */
    public function edit(User $user, Post $post): bool
    {
        return $post->user_id == $user->id;
    }
}

When you create a super admin user, it is necessary to be able to perform all the permissions regardless of whether you have access or not, it was solved with a gate in "app/Providers/AuthServiceProvider.php"

Gate::before(function (User $user, $ability) {
            return $user->isSuperAdmin() ? true:null;
        });

The problem is that the superAdmin can perform all the functions with or without access, but it also gives him the possibility to edit the post of other users and this should not be allowed.

[drbyte]

It's possible you require also a Gate::after() rule.

See: https://spatie.be/docs/laravel-permission/v5/basic-usage/super-admin#content-gateafter
and the Laravel docs for Gate::after()