Hello,

The permission in backend is handled by Authorizable trait and it is using the route name with action to check the permission and allow access to controller method. You should get the route name as Laravel do users.index, users.create, users.show ...

If you want to change, feel free to modify the trait as you need.

Thank you

Dear Mian,
I have tried changing the route according to the suggestion .ex, .create but I am failing somewhere and getting 403: Forbidden.
Kindly help... some details for your reference:

Traits/Authorizable:

<?php
namespace App\Traits;

use Illuminate\Support\Arr;
use Illuminate\Support\Str;
use Illuminate\Support\Facades\Request;

trait Authorizable
{
private $abilities = [
'index' => 'read',
'show' => 'read',
'edit' => 'update',
'update' => 'update',
'create' => 'create',
'store' => 'create',
'destroy' => 'delete',
'destroy-many' => 'delete',
'destroy-permanently' => 'delete',
'delete' => 'delete',
'void' => 'delete',
'email' => 'email',
'disable2FA' => 'update',
'disable2-f-a' => 'update',
'change-password' => 'update',
'delete-attachment' => 'delete',
'payments' => 'payments', // check the sale/purchase payments
'generate' => 'create', // Custom method example
'archive' => 'update', // Custom method example

];

Web.php

Route::get('/sorting-inbound', [SortingWarehouseReceiptController::class, 'index'])->name('sortinginbound.index');
Route::get('/sorting-inbound/create', [SortingWarehouseReceiptController::class, 'create'])->name('sortinginbound.create');

SortingWarehouseReceiptController:

<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Models\SortingWarehouseReceipt;
use App\Models\Driver;

class SortingWarehouseReceiptController extends Controller
{
public function index(Request $request)
{
$receipts = SortingWarehouseReceipt::with('driver')->get();

return inertia('SortingInbound/Index', [
    'receipts' => $receipts->map(function ($receipt) {
        \Log::info('Raw status_history:', ['status_history' => $receipt->status_history]);
        \Log::info('Decoded status_history:', ['decoded' => json_decode($receipt->status_history, true)]);

        return [
            'id' => $receipt->id,
            'date' => $receipt->date,
            'driver' => $receipt->driver ? [
                'id' => $receipt->driver->id,
                'name' => $receipt->driver->name,
            ] : null,
            'items' => is_string($receipt->items) ? json_decode($receipt->items, true) : $receipt->items ?? [],
            'inbound_type' => $receipt->inbound_type,
            'client_store' => $receipt->client_store,
            'total_items' => $receipt->total_items,
            'last_status' => $receipt->last_status,
            'status_history' => is_string($receipt->status_history) ? json_decode($receipt->status_history, true) : $receipt->status_history ?? [],
        ];
    }),
]);

}

public function create()
{

$drivers = Driver::all();


return inertia('SortingInbound/Form', [
    'drivers' => $drivers,
    
]);

}

Hello,

Please pay attention to route name

Route::get('/sorting-inbound', [SortingWarehouseReceiptController::class, 'index'])->name('sortinginbound.index');
Route::get('/sorting-inbound/create', [SortingWarehouseReceiptController::class, 'create'])->name('sortinginbound.create');

The permissions should be read-sortinginbound and create-sortinginbound. The second part is the route name sortinginbound

Thank you

Hello @Mian Saleem , Thank you so much. Finally it is working now.