Blade @can Directive Should Provide Access to Denial Message #54536

aarreedd · 2025-02-09T17:34:47Z

aarreedd
Feb 9, 2025

When using authorization gates or policies in Laravel, we often return a Response::deny('Some message') to provide a user-friendly reason for rejection. However, the @can directive in Blade does not expose this message, making it challenging to display meaningful feedback.

Example

use Illuminate\Auth\Access\Response;
use Illuminate\Support\Facades\Gate;

Gate::define('edit-settings', function (User $user) {
    return $user->isAdmin
        ? Response::allow()
        : Response::deny('You must be an administrator.');
});

Currently, in Blade, we can check for permission but cannot retrieve the denial message:

@can('edit-settings')
    <p>You can edit settings.</p>
@else
    <x-alert>{{$message}}</x-alert> {{-- ❌ No way to get the message --}}
@endcan

Workaround

A workaround is to manually call Gate::inspect() to fetch the response:

@php
    $response = Gate::inspect('edit-settings');
@endphp

@if ($response->allowed())
    <p>You can edit settings.</p>
@else
    <x-alert>{{ $response->message() }}</x-alert>
@endif

Proposed Solution

Enhance the @can directive to provide access to the denial message. Possible implementations:

@can('edit-settings', [], $message)
    <p>You can edit settings.</p>
@else
    <x-alert>{{ $message }}</x-alert>
@endcan

OR

@canWithMessage('edit-settings', $message)
    <p>You can edit settings.</p>
@else
    <x-alert>{{ $message }}</x-alert>
@endcanWithMessage

Would love to hear thoughts on this!

shaedrich · 2025-02-10T07:57:51Z

shaedrich
Feb 10, 2025

Another possibility:

@can('edit-settings')
    <p>You can edit settings.</p>
@deny($message)
    <x-alert>{{$message}}</x-alert> {{-- ❌ No way to get the message --}}
@endcan

1 reply

aarreedd Feb 10, 2025
Author

Definitely better syntax

Sophist-UK · 2025-02-10T10:12:12Z

Sophist-UK
Feb 10, 2025

Is this something that can be handled using a Blade Custom If?

3 replies

chris-ware Feb 17, 2025

It definitely is. I've added a custom inspect directive in my apps now for this exact purpose.

aarreedd Feb 17, 2025
Author

Can you share the code?

chris-ware Feb 17, 2025

I don't have it to hand, but it was modified from the @session blade helper, injecting a $inspect variable into that blade tag.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Blade @can Directive Should Provide Access to Denial Message #54536

Uh oh!

{{title}}

Uh oh!

Replies: 2 comments 4 replies

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Blade @can Directive Should Provide Access to Denial Message #54536

Uh oh!

aarreedd Feb 9, 2025

Example

Workaround

Proposed Solution

Replies: 2 comments · 4 replies

Uh oh!

shaedrich Feb 10, 2025

Uh oh!

aarreedd Feb 10, 2025 Author

Uh oh!

Sophist-UK Feb 10, 2025

Uh oh!

chris-ware Feb 17, 2025

Uh oh!

aarreedd Feb 17, 2025 Author

Uh oh!

chris-ware Feb 17, 2025

aarreedd
Feb 9, 2025

Replies: 2 comments 4 replies

shaedrich
Feb 10, 2025

aarreedd Feb 10, 2025
Author

Sophist-UK
Feb 10, 2025

aarreedd Feb 17, 2025
Author