can('viewAdminPath', User::class) && !Auth::user()->hasRole(Role::CITY_MANAGER)) { abort(403, 'Unauthorized action.'); } return $next($request); } }