contains($ability)) { // Owner has full server permissions if ($server->owner_id === $user->id) { return true; } $subuser = $server->subusers->where('user_id', $user->id)->first(); // If the user is a subuser check their permissions if ($subuser && in_array($ability, $subuser->permissions)) { return true; } } // Make sure user can target node of the server if (!$user->canTarget($server->node)) { return false; } // Return null to let default policies take over return null; } }