check() || (auth()->user()->role !== UserRole::EMPLOYEE && auth()->user()->role !== UserRole::ADMIN)) { abort(403, 'Unauthorized access. Employee role required.'); } return $next($request); } }