[1.x] Make team show use policies

[richardbishopme]

Problem

I have a need to customise whether a team should be shown. At the moment, the TeamController show method checks if the user belongsToTeam and aborts if not:

Http\Inertia\TeamController
Http\LIvewire\TeamController

public function show(Request $request, $teamId)
{
        $team = Jetstream::newTeamModel()->findOrFail($teamId);

        if (! $request->user()->belongsToTeam($team)) {
            abort(403);
        }

        return view('teams.show', [
            'user' => $request->user(),
            'team' => $team,
        ]);
}

If I want to change this, I would need to override the TeamController show method rather than use the original.

Solution

I inspected the code and noted that the stub and test fixture for the TeamPolicy already checks for belongsToTeam:

public function view(User $user, Team $team)
{
        return $user->belongsToTeam($team);
}

With that in mind, I changed the Livewire and Inertia controllers to the following code so that it uses the policy, thus allowing the developer to customise the access policy. The tests still pass.

From

if (! $request->user()->belongsToTeam($team)) {
      abort(403);
}

To

if(Gate::denies('view', $team )) {
       abort(403);
}