jordanjay29 amazing ?
Please correct me if I'm wrong, I don't know a lot about core, but I know how the Policy system works in Laravel, and from what I've seen it uses the same solution.
hasPermission is to check whether user has been assigned a permission.can will check if a given action can be made by the user (using a Policy). In Flarum it seems like you can check for permissions as well with this command
For example, if you try to edit a post, the system will check if you can edit the post. The actual Policy logic is in this file and does not involve permissions at all. The command usually take the name of the Policy as well as argument (here, the post we want to edit). Actual permissions generally come into play when you don't have a "natural" right to do the action. In the case of the post edition if you have the editPost permission then you can edit any post.
I did not find the part of the code that does it, but hasPermission is probably used behind the scenes by can for that last part.
With Flarum events are fired so extensions can hook into the Policy checks and force another outcome. hasPermission is merely a way to know that's in the database in comparison.
So in the end I believe you should only use hasPermission if you're dealing with the permission management for users in your extension. If you're only checking if the user is allowed to do something, this should go through can.
