Authorizing wildcards and Gate::after()

[juliomotol]

Ok, hear me out, given the following wildcard permissions that follows the policies ability conventions:

• product
• product.viewAny
• product.view
• product.create
• product.update
• product.delete

...and in somewhere in my service providers I have:

Gate::after(function ($user, $ability, $model = null) {
    if (!$model){
        return;
    }

    if(!is_string($model)) {
        $model = $model::class;
    }

    $resourceName = Str::of($model)->classBasename()->camel();

    return $user->can("{$resourceName}.{$ability}");
});

In theory, I could $this->authorize('update', $product) in my controller without having to create a ProductPolicy.

And even if I do create a ProductPolicy with a custom authorization like:

public function update(User $user, Product $product)
{
    if ($product->isDiscontinued()){
        return false;
    }
}

...it would still respect the ProductPolicy as I registered the magic in Gate::after().

I haven't tested this out yet, I'd like to know your thoughts on this. Lets discuss about it!