fc643f57f9
* add spatie/permissions * add policies * add role resource * add root admin role handling * replace some "root_admin" with function * add model specific permissions * make permission selection nicer * fix user creation * fix tests * add back subuser checks in server policy * add custom model for role * assign new users to role if root_admin is set * add api for roles * fix phpstan * add permissions for settings page * remove "restore" and "forceDelete" permissions * add user count to list * prevent deletion if role has users * update user list * fix server policy * remove old `root_admin` column * small refactor * fix tests * forgot can checks here * forgot use * disable editing own roles & disable assigning root admin * don't allow to rename root admin role * remove php bombing exception handler * fix role assignment when creating a user * fix disableOptionWhen * fix missing `root_admin` attribute on react frontend * add permission check for bulk delete * rename viewAny to viewList * improve canAccessPanel check * fix admin not displaying for non-root admins * make sure non root admins can't edit root admins * fix import * fix settings page permission check * fix server permissions for non-subusers * fix settings page permission check v2 * small cleanup * cleanup config file * move consts from resouce into enum & model * Update database/migrations/2024_08_01_114538_remove_root_admin_column.php Co-authored-by: Lance Pioch <lancepioch@gmail.com> * fix config * fix phpstan * fix phpstan 2.0 --------- Co-authored-by: Lance Pioch <lancepioch@gmail.com>
147 lines
5.2 KiB
PHP
147 lines
5.2 KiB
PHP
<?php
|
|
|
|
namespace App\Filament\Resources;
|
|
|
|
use App\Enums\RolePermissionModels;
|
|
use App\Enums\RolePermissionPrefixes;
|
|
use App\Filament\Resources\RoleResource\Pages;
|
|
use App\Models\Role;
|
|
use Filament\Facades\Filament;
|
|
use Filament\Forms\Components\Actions\Action;
|
|
use Filament\Forms\Components\CheckboxList;
|
|
use Filament\Forms\Components\Component;
|
|
use Filament\Forms\Components\Fieldset;
|
|
use Filament\Forms\Components\Placeholder;
|
|
use Filament\Forms\Components\Section;
|
|
use Filament\Forms\Components\TextInput;
|
|
use Filament\Forms\Form;
|
|
use Filament\Forms\Get;
|
|
use Filament\Resources\Resource;
|
|
use Illuminate\Support\Str;
|
|
|
|
class RoleResource extends Resource
|
|
{
|
|
protected static ?string $model = Role::class;
|
|
|
|
protected static ?string $navigationIcon = 'tabler-users-group';
|
|
|
|
protected static ?string $recordTitleAttribute = 'name';
|
|
|
|
public static function getNavigationBadge(): ?string
|
|
{
|
|
return static::getModel()::count() ?: null;
|
|
}
|
|
|
|
public static function form(Form $form): Form
|
|
{
|
|
$permissions = [];
|
|
|
|
foreach (RolePermissionModels::cases() as $model) {
|
|
$options = [];
|
|
|
|
foreach (RolePermissionPrefixes::cases() as $prefix) {
|
|
$options[$prefix->value . ' ' . strtolower($model->value)] = Str::headline($prefix->value);
|
|
}
|
|
|
|
if (array_key_exists($model->value, Role::MODEL_SPECIFIC_PERMISSIONS)) {
|
|
foreach (Role::MODEL_SPECIFIC_PERMISSIONS[$model->value] as $permission) {
|
|
$options[$permission . ' ' . strtolower($model->value)] = Str::headline($permission);
|
|
}
|
|
}
|
|
|
|
$permissions[] = self::makeSection($model->value, $options);
|
|
}
|
|
|
|
foreach (Role::SPECIAL_PERMISSIONS as $model => $prefixes) {
|
|
$options = [];
|
|
|
|
foreach ($prefixes as $prefix) {
|
|
$options[$prefix . ' ' . strtolower($model)] = Str::headline($prefix);
|
|
}
|
|
|
|
$permissions[] = self::makeSection($model, $options);
|
|
}
|
|
|
|
return $form
|
|
->columns(1)
|
|
->schema([
|
|
TextInput::make('name')
|
|
->label('Role Name')
|
|
->required()
|
|
->disabled(fn (Get $get) => $get('name') === Role::ROOT_ADMIN),
|
|
TextInput::make('guard_name')
|
|
->label('Guard Name')
|
|
->default(Filament::getCurrentPanel()?->getAuthGuard() ?? '')
|
|
->nullable()
|
|
->hidden(),
|
|
Fieldset::make('Permissions')
|
|
->columns(3)
|
|
->schema($permissions)
|
|
->hidden(fn (Get $get) => $get('name') === Role::ROOT_ADMIN),
|
|
Placeholder::make('permissions')
|
|
->content('The Root Admin has all permissions.')
|
|
->visible(fn (Get $get) => $get('name') === Role::ROOT_ADMIN),
|
|
]);
|
|
}
|
|
|
|
private static function makeSection(string $model, array $options): Section
|
|
{
|
|
$icon = null;
|
|
|
|
if (class_exists('\App\Filament\Resources\\' . $model . 'Resource')) {
|
|
$icon = ('\App\Filament\Resources\\' . $model . 'Resource')::getNavigationIcon();
|
|
} elseif (class_exists('\App\Filament\Pages\\' . $model)) {
|
|
$icon = ('\App\Filament\Pages\\' . $model)::getNavigationIcon();
|
|
}
|
|
|
|
return Section::make(Str::headline(Str::plural($model)))
|
|
->columnSpan(1)
|
|
->collapsible()
|
|
->collapsed()
|
|
->icon($icon)
|
|
->headerActions([
|
|
Action::make('count')
|
|
->label(fn (Get $get) => count($get(strtolower($model) . '_list')))
|
|
->badge(),
|
|
])
|
|
->schema([
|
|
CheckboxList::make(strtolower($model) . '_list')
|
|
->label('')
|
|
->options($options)
|
|
->columns()
|
|
->gridDirection('row')
|
|
->bulkToggleable()
|
|
->live()
|
|
->afterStateHydrated(
|
|
function (Component $component, string $operation, ?Role $record) use ($options) {
|
|
if (in_array($operation, ['edit', 'view'])) {
|
|
|
|
if (blank($record)) {
|
|
return;
|
|
}
|
|
|
|
if ($component->isVisible()) {
|
|
$component->state(
|
|
collect($options)
|
|
->filter(fn ($value, $key) => $record->checkPermissionTo($key))
|
|
->keys()
|
|
->toArray()
|
|
);
|
|
}
|
|
}
|
|
}
|
|
)
|
|
->dehydrated(fn ($state) => !blank($state)),
|
|
]);
|
|
}
|
|
|
|
public static function getPages(): array
|
|
{
|
|
return [
|
|
'index' => Pages\ListRoles::route('/'),
|
|
'create' => Pages\CreateRole::route('/create'),
|
|
'edit' => Pages\EditRole::route('/{record}/edit'),
|
|
];
|
|
}
|
|
}
|