Essentials
Usage
Instructions for securing your application.
Query
Apply the controlled scope to the queries that need it.
Post::controlled()
->get();
Interactions with should
When using the query, Access Control will always use the view method in the should function. This is because it considers that you are trying to view models, since you are making a SQL query.
If you are on the index of a controller, the control might trigger twice: once for viewAny (Policy) and once for view (Query).
Policies
Policies are secured by default for the common methods: viewAny, view, update, create, delete, restore, forceDelete.
$user->can('view', $post); // Will call the policy and Access Control