role !== "administrator" && Auth::user()->role !== "admin_user" ) { abort(403, 'Unauthorized action.'); } return $next($request); } }