Livewire component functions missing team_id

[vdlindenmark]

We are using the following versions:

• Laravel 11.21
• Livewire 3.5
• Volt 1.6
• Spatie Laravel Permission 6.9
• Spatie Laravel Permissions WITH TEAMS

The Issue:

I'm encountering an issue where the teamId behaves inconsistently when checking user permissions within a Livewire component. Specifically:

• In Blade File: When checking a user's permission within a Livewire Blade file, the teamId is set correctly, and the permission check works as expected.
• In Livewire Component (PHP): However, when I check the same permission inside a method of the Livewire component (PHP file), the teamId is null, leading to incorrect permission results.

Example:

We have a Livewire component with a corresponding Blade file. The Blade file contains the following code:

<select wire:model.live="assignees" multiple class="w-full" @cannot('change_assignees', $post) disabled @endcannot>
    *** options ***
</select>
<button wire:click.prevent="save">{{ __('Save') }}</button>

The PostPolicy is as follows:

public function change_assignees(User $user, Post $post): bool
{
    return $user->hasPermissionTo(PermissionType::CHANGE_ASSIGNEES);
}

The @cannot directive in the Blade file correctly evaluates the user's permissions based on their team_id.
Logging the user inside the policy shows that the correct user, with roles and team_id, is being used.

The Problem:

When the user clicks on the "Save" button, I attempt to check the authorization again in the Livewire component’s save method:

if(auth()->user()->can('change_assignees', $this->vacancy))

This always returns false. Logging the user and permissions at this point reveals that the user has no roles and the team_id is missing. The getPermissionsTeamId() method returns null in this scenario.

We have the following middleware for setting the teamId:

<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;

class TeamPermissionMiddleware
{
    /**
     * Handle an incoming request.
     *
     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
     */
    public function handle(Request $request, Closure $next): Response
    {
        setPermissionsTeamId('123123');
        return $next($request);
    }
}

In bootstrap/app.php, the middleware is appended like this:

->withMiddleware(function (Middleware $middleware) {
    $middleware->append(TeamPermissionMiddleware::class);
})

Request for Help:
Can anyone explain why the permission check in the save function of the Livewire component is not aware of the current team_id? Any insights on how to resolve this issue?

[vdlindenmark]

Looks like there's more going on with my setup. I'm gonna check that first, closing this issue for now.

[drbyte]

Update: #2715