user()->can('supplychain.access')) { abort(403, 'Unauthorized action.'); } if ($permission && ! auth()->user()->can($permission)) { abort(403, 'Unauthorized action.'); } } }