关于 policy 验证问题

我定义了一个ProjectPolicy

 /**
 * Determine whether the user can create projects.
 *
 * @param  \App\Models\User $user
 * @return mixed
 */
public function create(User $user) {
    //
    return in_array($user->type, User::MANAGE_TYPE);
}

在controller 中使用

/**
 * Show the form for creating a new resource.
 *
 * @return \Illuminate\Http\Response
 */
public function create() {
     $this->authorize('create', Auth::user());
}

然后一直提示

This action is unauthorized.

修改为一下就可以了

    public function create() {
    if (Auth::user()->can('create', Project::class)) {
        return view('projects.create');
    }
}

为啥create不能如 $this->authorize调用,而store中就可以？

    public function store(ProjectRequest $request, Project $project, ImageUploadHandler $uploader) {
        $this->authorize('create', $project);
        $data = $request->all();
    if ($request->img) {
        $result = $uploader->save($request->img, 'project', 'project_');
        if ($result) {
            $data['img'] = $result['path'];
        }
    }
    Project::create($data);
    return redirect()->route('project.index')->with('success', '创建成功！');
}