FEATURE ✨ Implement advanced permissions (check policy, if exits, oth…

…erwise check permission, otherwise nothing)

composer.json

@@ -20,7 +20,8 @@
         "laravel/framework": "^8.0|^9.0|^10.0|^11.0",
         "illuminate/support": "^8.0|^9.0|^10.0|^11.0",
         "livewire/livewire": "^2.4|^2.10|^3.0",
-        "spatie/laravel-medialibrary": "^9.0|^10.0|^11.0"
+        "spatie/laravel-medialibrary": "^9.0|^10.0|^11.0",
+        "spatie/laravel-permission": "^4.0|^5.0|^6.0"
     },
     "require-dev": {
         "orchestra/testbench": "^6.0|^8.0",

src/Http/Controllers/AdminController.php

@@ -15,6 +15,7 @@
 use Ndeblauw\BlueAdmin\Traits\AdminControllerPrefillTrait;
 use Ndeblauw\BlueAdmin\Traits\AdminControllerReturnPathTrait;
 use Ndeblauw\BlueAdmin\Traits\AdminControllerSelectViewTrait;
+use Spatie\Permission\Models\Permission;
 
 class AdminController extends Controller
 {
@@ -209,6 +210,15 @@ protected function policyCheck(string $ability, ?Model $model = null): void
 
         if (!file_exists(base_path($policy))) {
             Log::warning('Policies enabled, but no <strong>'.$policy.'</strong> found for <strong>'.$class.'</strong>.');
+
+            $permission = Str::of($this->config->CLASS)->afterLast('\\')->snake().'-'.$ability;
+            if(Permission::where('name', $permission)->exists()) {
+                Log::warning('But good backup found, as permission exists: <strong>'.$permission.'</strong>, so checking with that');
+                if( ! auth()->user()->can($permission) ) {
+                    abort(403, 'You are not allowed to perform this action.');
+                }
+            }
+
             return;
         }