From 55f223b602a22e4eaa42683e1361ec0d573aae95 Mon Sep 17 00:00:00 2001
From: "claude[bot]" <41898282+claude[bot]@users.noreply.github.com>
Date: Sat, 20 Dec 2025 10:45:51 +0000
Subject: [PATCH] Implement Laravel's built-in gates and policy registration
 support
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This commit updates the can() method to properly integrate with Laravel's
native Gate and Policy system, allowing both AAuth permissions and Laravel's
authorization features to work together seamlessly.

Changes:
- Updated Gate::before() callback to return null when AAuth doesn't have
  the permission, allowing Laravel's gates and policies to be checked
- Modified AAuthUser::can() to delegate to Laravel's Gate system when
  AAuth doesn't have the permission
- Added exception handling for cases where AAuth service is not initialized
- Improved comments to explain the integration flow

Fixes #36

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: EA <emreakay@users.noreply.github.com>
---
 src/AAuthServiceProvider.php | 16 +++++++++++++++-
 src/Traits/AAuthUser.php     | 15 +++++++++++++--
 2 files changed, 28 insertions(+), 3 deletions(-)

diff --git a/src/AAuthServiceProvider.php b/src/AAuthServiceProvider.php
index 5b24842..14b2b85 100644
--- a/src/AAuthServiceProvider.php
+++ b/src/AAuthServiceProvider.php
@@ -53,8 +53,22 @@ public function boot(): void
             );
         });
 
+        // Register AAuth permissions with Laravel's Gate system
+        // This allows AAuth permissions to work alongside Laravel's native gates and policies
         Gate::before(function ($user, $ability, $arguments = []) {
-            return app('aauth')->can($ability) ?: null;
+            // Only return true if AAuth explicitly grants this permission
+            // Return null to allow Laravel's gate/policy checks to continue
+            try {
+                if (app('aauth')->can($ability)) {
+                    return true;
+                }
+            } catch (\Throwable $e) {
+                // If AAuth service is not properly initialized, let Laravel's gates handle it
+                return null;
+            }
+
+            // Return null instead of false to allow Laravel's gates and policies to be checked
+            return null;
         });
 
         Blade::directive('aauth', function ($permission) {
diff --git a/src/Traits/AAuthUser.php b/src/Traits/AAuthUser.php
index 5d0fda7..97d7a18 100644
--- a/src/Traits/AAuthUser.php
+++ b/src/Traits/AAuthUser.php
@@ -75,12 +75,23 @@ public function getDeletableAttribute(): bool
     public function can($abilities, $arguments = []): bool
     {
         if (is_string($abilities)) {
-            return app('aauth')->can($abilities);
+            // First check if AAuth has this permission
+            try {
+                if (app('aauth')->can($abilities)) {
+                    return true;
+                }
+            } catch (\Throwable $e) {
+                // If AAuth is not properly initialized, fall through to Laravel's Gate
+            }
+
+            // If AAuth doesn't have this permission, delegate to Laravel's Gate system
+            // This allows Laravel's native gates and policies to be checked
+            return parent::can($abilities, $arguments);
         }
 
         if (is_array($abilities)) {
             foreach ($abilities as $ability) {
-                if (! app('aauth')->can($ability)) {
+                if (! $this->can($ability, $arguments)) {
                     return false;
                 }
             }