check() || !auth()->user()->isAdmin()) { abort(403, 'Unauthorized action.'); } return $next($request); } }