Skip to content
This repository has been archived by the owner on Aug 13, 2023. It is now read-only.

Z3d0X/filament-simple-permissions

Repository files navigation

Warning

This package is no longer maintained

Simply define the permissions in the filament resource.

Latest Version on Packagist GitHub Tests Action Status GitHub Code Style Action Status Total Downloads

Easily define permissions for Filament Resources & Relation Managers

Installation

You can install the package via composer:

composer require z3d0x/filament-simple-permissions

This package does not require any additional configuration after installation

Usage

This package comes with two traits HasResourcePermissions and HasRelationManagerPermissions, which can be used in Filament's Resources and RelationManagers respectively.

To use simply use the trait in your Resource/RelationManger and define your permissions.

Resource Example

//UserResource.php
use Z3d0X\FilamentSimplePermissions\Concerns\HasResourcePermissions;

class UserResource extends Resource
{
    use HasResourcePermissions;

    protected static array $permissions = [
        'viewAny' => 'access-users',
        'view' => 'access-users',
        'create' => 'create-users',
        'update' => 'update-users',
        'delete' => ['update-users', 'delete-stuff'], //use an array if multiple permissions are needed
        'deleteAny' => false, //also supports boolean, to allow/disallow for all users
    ];
}

RelationManager Example

//PostsRelationManager.php
use Z3d0X\FilamentSimplePermissions\Concerns\HasRelationManagerPermissions;

class PostsRelationManager extends HasManyRelationManager
{
    use HasRelationManagerPermissions;

    protected static array $permissions = [
        'create' => 'create-posts',
        'update' => 'update-posts',
        'delete' => ['update-posts', 'delete-stuff'], //use an array if multiple permissions are needed
        'deleteAny' => false, //also supports boolean, to allow/disallow for all users

        //Supports relation manager specific actions.
        'viewForRecord' => 'access-posts',
        'associate' => 'update-posts',
        'dissociate' => 'update-posts',
        'dissociateAny' => false,
    ];
}

Advanced Usage

For advanced usage, it is possible to define a static getPermissions() method, instead of $permissions property

//PostsRelationManager.php
use Z3d0X\FilamentSimplePermissions\Concerns\HasRelationManagerPermissions;
use Illuminate\Database\Eloquent\Model;

class PostsRelationManager extends HasManyRelationManager
{
    use HasRelationManagerPermissions;

    protected static function getPermissions(): array
    {
        return [
            'viewForRecord' => fn (Model $ownerRecord) => $ownerRecord->user_id === auth()->id(),
            'update' => function (Model $record) {
                return $record->user_id === auth()->id();
            },
        ];
    }
}

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security Vulnerabilities

Please review our security policy on how to report security vulnerabilities.

Credits

License

The MIT License (MIT). Please see License File for more information.