I've been working on a ticketing system at work. A new requirement came up that only Admin users should be able to reassign a ticket. This is how I achieved that.

  1. If the user is trying to reassign a ticket, check if he is a member of the Admin role. If yes, proceed, if no tell him "you can't do that"

In the code block that handles ticket reassignment

$cannot_reassign_ticket = !auth()->user()->hasRole("Admin");
    $message = "Only admins can reassign tickets";
    Log::info([ 'user' => auth()->user()->username, 'message' => $message]);
    return [ 'status' => 400, 'message' = $message];

2.  Improve the users "quality of life" :D by not even allowing him to take the wrong action in the first place

In the controller function

$cannot_reassign_ticket = !auth()->user()->hasRole("Admin");
return view('index', compact('cannot_reassign_ticket'));

In the blade file

<div id="assignment-ui" @if($cannot_reassign_ticket) class="hide" @endif>
    !--code ommitted for brevity-->