zibo-dashboard/public/userarea/include/permissions_helper.php

<?php

if (!function_exists('userCan')) {
    /**
     * Check if current user has a Vanguard permission.
     * Uses Vanguard native method if available, otherwise falls back to DB check.
     */
    function userCan($permissionName)
    {
        global $kindofrole;

        $user = Auth::user();

        if (!$user) {
            return false;
        }

        // Vanguard / Laravel-style methods, depending on installed version/customization.
        if (method_exists($user, 'hasPermission')) {
            return $user->hasPermission($permissionName);
        }

        if (method_exists($user, 'hasPermissionTo')) {
            return $user->hasPermissionTo($permissionName);
        }

        if (method_exists($user, 'can')) {
            return $user->can($permissionName);
        }

        // Fallback: direct DB check using existing Vanguard tables.
        static $permissions = null;

        if ($permissions === null) {
            $pdo = DBHandlerSelect::getInstance()->getConnection();

            $stmt = $pdo->prepare("
                SELECT p.name
                FROM auth_permissions p
                INNER JOIN auth_permission_role pr ON pr.permission_id = p.id
                WHERE pr.role_id = ?
            ");
            $stmt->execute([(int)$kindofrole]);

            $permissions = $stmt->fetchAll(PDO::FETCH_COLUMN);
        }

        return in_array($permissionName, $permissions, true);
    }
}

if (!function_exists('visibleButtons')) {
    /**
     * Filter visible buttons.
     */
    function visibleButtons(array $buttons)
    {
        return array_values(array_filter($buttons, function ($button) {
            return empty($button['permission']) || userCan($button['permission']);
        }));
    }
}