
Policy

  1. Policy class methods MUST use camelCase. Example: @can('editPost', $post) (Laravel converts ability names to camelCase method names under the hood)
  2. Try to name abilities using default CRUD words. One exception: replace show with view. A server shows a resource, a user views it.
  3. Prefer to return \Illuminate\Auth\Access\Response instances from policy methods, as they provide better DX and allow building a better UX.
  4. Do not use the HandlesAuthorization trait; use \Illuminate\Auth\Access\Response methods directly.
  5. If Laravel Nova v5+ is used on the project, use separate policy classes per Nova Resource (Resource::$policy).
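
A policy written to rules 1-4, as an added example that is not code from this guide or from any project. The App\Models\Post model, its user_id and published_at attributes, and the deny messages are assumptions made for illustration.

```php
<?php

declare(strict_types=1);

namespace App\Policies;

use App\Models\Post; // assumed Eloquent model with user_id and published_at
use App\Models\User; // assumed application user model
use Illuminate\Auth\Access\Response;

// No HandlesAuthorization trait: Response static methods are called directly.
final class PostPolicy
{
    // CRUD wording with "view" instead of "show".
    public function view(User $user, Post $post): Response
    {
        if ($post->published_at !== null || $this->owns($user, $post)) {
            return Response::allow();
        }

        // Someone else's draft: answer 404 instead of 403 so the
        // response does not confirm that the post exists.
        return Response::denyAsNotFound();
    }

    public function update(User $user, Post $post): Response
    {
        return $this->owns($user, $post)
            ? Response::allow()
            : Response::deny('You can only edit your own posts.');
    }

    // Multi-word ability, camelCase method name.
    public function forceDelete(User $user, Post $post): Response
    {
        return $this->owns($user, $post)
            ? Response::allow()
            : Response::deny('Only the author can permanently delete a post.');
    }

    // Private helper: not an ability, never called by the Gate.
    private function owns(User $user, Post $post): bool
    {
        return $user->id === $post->user_id;
    }
}
```

When the check runs through Gate::authorize() or a controller's authorize(), the deny message becomes the AuthorizationException message; Gate::inspect('update', $post) returns the Response itself so the UI can show the reason.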