@vetosers I had a quick look at the source code and noticed
($post->duscussion->is_closed) ?: false in
PostPolicy. It looks like there are multiple issues there. First the relationship is not spelled right (should be
discussion). Then the condition appears to be the inverse from
! might be missing in front.
In its current form, with the relationship returning
null, the policy will always return
Also just a note
?: false seems redundant. If
! is placed in front of
is_closed, it will be cast to boolean already and achieve the same.
More generally, I think those policies are not written correctly. It appears that when a discussion is not closed, then everyone, including guests, gets admin access to the features. They should fallback to the original policy where necessary instead of returning a
true. I believe this can be achieved by returning
null, and this might have been the intent here, but that's not what