user()?->id ?? 0); if ($userId <= 0) { return response()->json(['status' => false, 'message' => 'Unauthorized.'], 401); } if (!$this->permissions->hasPermission($userId, $permission)) { if ($request->expectsJson()) { return response()->json(['status' => false, 'message' => 'Access denied.'], 403); } return response()->json(['status' => false, 'message' => 'Access denied.'], 403); } return $next($request); } }