Breaks ::class User gate

[clarkwinkelmann]

When this extension is enabled, it's no longer possible to use model-less calls on the gate for the User model.

It's the same issue that's currently plaguing the Tags extension in Flarum https://github.com/flarum/core/issues/2908

An extension that uses such a call is my shadow ban extension with $actor->can('shadowBan', User::class) https://github.com/clarkwinkelmann/flarum-ext-shadow-ban/blob/main/src/Scope/ViewUser.php#L21

[2021-07-16 16:09:24] flarum.ERROR: TypeError: Askvortsov\FlarumWarnings\Access\UserPolicy::can(): Argument flarum/framework#3 ($user) must be of type Flarum\User\User, string given in /home/metabullet/public_html/vendor/askvortsov/flarum-moderator-warnings/src/Access/UserPolicy.php:26

The error is in this file

flarum-moderator-warnings/src/Access/UserPolicy.php

Line 26 in cb9e8f7

public function can(User $actor, $ability, User $user)

, the third parameter should accept a string as well.

Reported on the forum here https://discuss.flarum.org/d/23228-moderator-warnings-extension/87

[askvortsov1]

Isn't our convention to use new Guest() instead of User::class?

[clarkwinkelmann]

There's no convention I'm aware of.

Using ::class to check permissions to create something that doesn't exist yet is a standard Laravel practice which we previously implemented into core. But extensions can break it due to the can() function which itself isn't a Laravel feature.

Another option could be to not proxy ::class gates through can() in core, but that would be a breaking change.