Allow to register custom role permissions (#1208)

2025-05-20 01:44:45 +02:00 · 2025-04-04 09:30:45 +02:00 · 2025-04-04 09:30:45 +02:00 · 20f271041a
commit 20f271041a
parent c3b8b71f9c
2 changed files with 78 additions and 24 deletions
--- a/app/Filament/Admin/Resources/RoleResource.php
+++ b/app/Filament/Admin/Resources/RoleResource.php
@ -2,8 +2,6 @@

 namespace App\Filament\Admin\Resources;

-use App\Enums\RolePermissionModels;
-use App\Enums\RolePermissionPrefixes;
 use App\Filament\Admin\Resources\RoleResource\Pages;
 use App\Models\Role;
 use Filament\Forms\Components\Actions\Action;
@ -95,32 +93,16 @@ class RoleResource extends Resource

    public static function form(Form $form): Form
    {
-        $permissions = [];
+        $permissionSections = [];

-        foreach (RolePermissionModels::cases() as $model) {
+        foreach (Role::getPermissionList() as $model => $permissions) {
            $options = [];

-            foreach (RolePermissionPrefixes::cases() as $prefix) {
-                $options[$prefix->value . ' ' . strtolower($model->value)] = Str::headline($prefix->value);
+            foreach ($permissions as $permission) {
+                $options[$permission . ' ' . strtolower($model)] = Str::headline($permission);
            }

-            if (array_key_exists($model->value, Role::MODEL_SPECIFIC_PERMISSIONS)) {
-                foreach (Role::MODEL_SPECIFIC_PERMISSIONS[$model->value] as $permission) {
-                    $options[$permission . ' ' . strtolower($model->value)] = Str::headline($permission);
-                }
-            }
-
-            $permissions[] = self::makeSection($model->value, $options);
-        }
-
-        foreach (Role::SPECIAL_PERMISSIONS as $model => $prefixes) {
-            $options = [];
-
-            foreach ($prefixes as $prefix) {
-                $options[$prefix . ' ' . strtolower($model)] = Str::headline($prefix);
-            }
-
-            $permissions[] = self::makeSection($model, $options);
+            $permissionSections[] = self::makeSection($model, $options);
        }

        return $form
@ -137,7 +119,7 @@ class RoleResource extends Resource
                    ->hidden(),
                Fieldset::make(trans('admin/role.permissions'))
                    ->columns(3)
-                    ->schema($permissions)
+                    ->schema($permissionSections)
                    ->hidden(fn (Get $get) => $get('name') === Role::ROOT_ADMIN),
                Placeholder::make('permissions')
                    ->label(trans('admin/role.permissions'))
--- a/app/Models/Role.php
+++ b/app/Models/Role.php
@ -2,6 +2,8 @@

 namespace App\Models;

+use App\Enums\RolePermissionModels;
+use App\Enums\RolePermissionPrefixes;
 use Spatie\Permission\Models\Role as BaseRole;

 /**
@ -41,6 +43,76 @@ class Role extends BaseRole
        ],
    ];

+    /** @var array<string, array<string>> */
+    protected static array $customPermissions = [];
+
+    /** @param array<string, array<string>> $customPermissions */
+    public static function registerCustomPermissions(array $customPermissions): void
+    {
+        static::$customPermissions = [
+            ...static::$customPermissions,
+            ...$customPermissions,
+        ];
+    }
+
+    public static function registerCustomDefaultPermissions(string $model): void
+    {
+        $permissions = [];
+
+        foreach (RolePermissionPrefixes::cases() as $prefix) {
+            $permissions[] = $prefix->value;
+        }
+
+        static::registerCustomPermissions([
+            $model => $permissions,
+        ]);
+    }
+
+    /** @return array<string, array<string>> */
+    public static function getPermissionList(): array
+    {
+        $allPermissions = [];
+
+        // Standard permissions for our default model
+        foreach (RolePermissionModels::cases() as $model) {
+            $allPermissions[$model->value] ??= [];
+
+            foreach (RolePermissionPrefixes::cases() as $prefix) {
+                array_push($allPermissions[$model->value], $prefix->value);
+            }
+
+            if (array_key_exists($model->value, Role::MODEL_SPECIFIC_PERMISSIONS)) {
+                foreach (static::MODEL_SPECIFIC_PERMISSIONS[$model->value] as $permission) {
+                    array_push($allPermissions[$model->value], $permission);
+                }
+            }
+        }
+
+        // Special permissions for our default models
+        foreach (static::SPECIAL_PERMISSIONS as $model => $prefixes) {
+            $allPermissions[$model] ??= [];
+
+            foreach ($prefixes as $prefix) {
+                array_push($allPermissions[$model], $prefix);
+            }
+        }
+
+        // Custom third party permissions
+        foreach (static::$customPermissions as $model => $prefixes) {
+            $allPermissions[$model] ??= [];
+
+            foreach ($prefixes as $prefix) {
+                array_push($allPermissions[$model], $prefix);
+            }
+        }
+
+        foreach ($allPermissions as $model => $permissions) {
+            $allPermissions[$model] = array_unique($permissions);
+        }
+
+        return $allPermissions;
+    }
+
    public function isRootAdmin(): bool
    {
        return $this->name === self::ROOT_ADMIN;