using laravel-permissions inside controllers with Policies

[some0ne2]

After reading the docs, it's recommended to use permissions over roles, I've included several permissions (at the moment around 30 permissions).

Because they are verify specific, let me inlcude some, f.e. the Product model itself has several:

view products
approve products
edit products

Since I'm required to check in specific controller actions for these permissions, I started to include Policies like:

app/Policies/ProductPolicy.php

<?php

namespace App\Policies;

use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;

class ProductPolicy
{
    use HandlesAuthorization;

    /*
        product policy is auto discovered by laravel
    */

    public function view(User $user)
    {
        return ($user->can('view products'));
    }

    public function edit(User $user)
    {
        return ($user->can('edit products'));
    }

    public function approve(User $user)
    {
        return ($user->can('approve products'));
    }

}

Inside the controller actions I check for permissions like:

public function getProduct(Product $product,  Request $request){

    $this->authorize('view', Product::class);
    ...
}

1. Is there a better way to do so?
2. Are there any problems this might cause (I'm including more and more granular permissions, so I would like to ask this before it might cause problems)?

-Thank you a lot for your time & help. 🙏

[parallels999]

Are there any problems this might cause ?

Make tests and tell us, thanks

[some0ne2]

No, I can't face any problems atm, but maybe there's an easier way to do so.
Open for ideas / suggestions.

[drbyte]

@some0ne2 Yes, what you described is the best place to start. If your app doesn't have more advanced requirements than that it should be fine without much change!