Filament•2y ago

Dropdown access depending on role

In this case, I want the dropdown "Status" to be locked to the Option Pending, and only users with the role super-admin can change it.

43 Replies

MatthewOP•2y ago

public static function form(Form $form): Form
    {
        return $form
            ->schema(
                Card::make([
                    TextInput::make('amount_in_euro')->mask(
                        fn (TextInput\Mask $mask) => $mask
                            ->patternBlocks([
                                'money' => fn (Mask  $mask) => $mask
                                    ->numeric()
                                    ->thousandsSeparator('')
                                    ->decimalSeparator('.')
                                    ->decimalPlaces(2)
                                    ->signed(false)
                                    ->padFractionalZeros()
                                    ->normalizeZeros(false),
                            ])
                            ->pattern("€money")
                            ->lazyPlaceholder(false)
                    ),
                    DatePicker::make('date_of_purchase')
                        ->required()
                        ->displayFormat('d/m/Y'),
                    Select::make('purchaser')
                        ->required()
                        ->label('Purchaser')
                        ->options(User::all()->pluck('name', 'id'))
                        ->searchable(),

public static function form(Form $form): Form
    {
        return $form
            ->schema(
                Card::make([
                    TextInput::make('amount_in_euro')->mask(
                        fn (TextInput\Mask $mask) => $mask
                            ->patternBlocks([
                                'money' => fn (Mask  $mask) => $mask
                                    ->numeric()
                                    ->thousandsSeparator('')
                                    ->decimalSeparator('.')
                                    ->decimalPlaces(2)
                                    ->signed(false)
                                    ->padFractionalZeros()
                                    ->normalizeZeros(false),
                            ])
                            ->pattern("€money")
                            ->lazyPlaceholder(false)
                    ),
                    DatePicker::make('date_of_purchase')
                        ->required()
                        ->displayFormat('d/m/Y'),
                    Select::make('purchaser')
                        ->required()
                        ->label('Purchaser')
                        ->options(User::all()->pluck('name', 'id'))
                        ->searchable(),

                   Select::make('status')
                        ->label('Status')
                        ->options(Status::all()->pluck('name', 'id'))
                        ->searchable()
                        ->when(Auth::user()->getAuthIdentifier()),
                    Textarea::make('description')
                        ->required()
                        ->columnSpan(2)
                        ->maxLength(255),
                    FileUpload::make('attachment')
                        ->required()
                        ->multiple()
                        ->columnSpan(2)
                        ->enableOpen()
                        ->disk('public')
                        ->storeFileNamesIn('attachment_file_names')
                        ->enableDownload()
                        ->maxSize(25600)
                ])->columns(2)
            );
    }

                   Select::make('status')
                        ->label('Status')
                        ->options(Status::all()->pluck('name', 'id'))
                        ->searchable()
                        ->when(Auth::user()->getAuthIdentifier()),
                    Textarea::make('description')
                        ->required()
                        ->columnSpan(2)
                        ->maxLength(255),
                    FileUpload::make('attachment')
                        ->required()
                        ->multiple()
                        ->columnSpan(2)
                        ->enableOpen()
                        ->disk('public')
                        ->storeFileNamesIn('attachment_file_names')
                        ->enableDownload()
                        ->maxSize(25600)
                ])->columns(2)
            );
    }

LeandroFerreira•2y ago

->disabled() ->dehydrated() ?

MatthewOP•2y ago

Yeah but how can I lock the dropdown, based on the role that is logged in?

LeandroFerreira•2y ago

are you using spatie permissions?

MatthewOP•2y ago

Im pretty sure, yes

LeandroFerreira•2y ago

->disabled(auth()->user()->cannot('super-admin')) ?

MatthewOP•2y ago

Im afraid not

LeandroFerreira•2y ago

try !can, or !hasRole

MatthewOP•2y ago

They dont exist as options:/

LeandroFerreira•2y ago

try and check on the browser

LeandroFerreira•2y ago

https://spatie.be/docs/laravel-permission/v5/introduction

Introduction | laravel-permission

laravel-permission

LeandroFerreira•2y ago

->disabled(!auth()->user()->hasRole('super-admin'))

MatthewOP•2y ago

hasRoles doesnt exist for me:/

MatthewOP•2y ago

Does it for you?

class User extends Authenticatable implements FilamentUser
{
    use HasApiTokens, HasFactory, Notifiable, HasFilamentShield;
    use HasRoles;
    /**
     * The attributes that are mass assignable.
     *
     * @var array<int, string>
     */
    protected $fillable = [
        'name',
        'email',
        'password',
        'role_id'
    ];

    /**
     * The attributes that should be hidden for serialization.
     *
     * @var array<int, string>
     */
    protected $hidden = [
        'password',
        'remember_token',
    ];

    /**
     * The attributes that should be cast.
     *
     * @var array<string, string>
     */
    protected $casts = [
        'email_verified_at' => 'datetime',
    ];

    public function role() {
        return $this->belongsTo(Role::class);
    }
}

class User extends Authenticatable implements FilamentUser
{
    use HasApiTokens, HasFactory, Notifiable, HasFilamentShield;
    use HasRoles;
    /**
     * The attributes that are mass assignable.
     *
     * @var array<int, string>
     */
    protected $fillable = [
        'name',
        'email',
        'password',
        'role_id'
    ];

    /**
     * The attributes that should be hidden for serialization.
     *
     * @var array<int, string>
     */
    protected $hidden = [
        'password',
        'remember_token',
    ];

    /**
     * The attributes that should be cast.
     *
     * @var array<string, string>
     */
    protected $casts = [
        'email_verified_at' => 'datetime',
    ];

    public function role() {
        return $this->belongsTo(Role::class);
    }
}

LeandroFerreira•2y ago

should work. Any laravel error on the browser?

MatthewOP•2y ago

nope, no errors whatsoever It just doesnt do anything. Its locked for all users But the hasRoles doesnt exist for some reason

LeandroFerreira•2y ago

intelephense issue, maybe can/cannot to permissions. Sorry, my bad But check the spatie setup because hasRole should work: https://spatie.be/docs/laravel-permission/v5/basic-usage/role-permissions#content-checking-roles You can also check by id: ->hasRole(1)

Using Permissions via Roles | laravel-permission

laravel-permission

MatthewOP•2y ago

the hasRole should work in the form in the resource file? Maybe @Dan Harrin knows?

Kenneth Sese•2y ago

Yes, hasRole should work anywhere. It’s not a form thing. Are you sure you have a super-admin role set up? It’s not by default. Is that the name? It is case sensitive. The fact that you’re not getting errors and that it is disabling means that it’s a role/permission configuration problem.

MatthewOP•2y ago

How can I make sure that I do have super-admin?\

MatthewOP•2y ago

I have this I tried this command in my previous project as well, and it also doesnt work

Kenneth Sese•2y ago

It seems like you do BUT your super admin name is with an underscore, not hyphen. Try that hasRole('super_admin') And then of course make sure whatever user you are logged in as is actually assigned the super admin role.

MatthewOP•2y ago

nice! That works! Even though it still shows up as an error

AmauryCid•2y ago

Hello, how to disable a field in a form while another field is empty/null?

awcodes•2y ago

@thethunderturner you might need to reindex the LSP

MatthewOP•2y ago

What I dont like, is that its hard coded. Is there a way to specify here that this user cannot change the status of the Select in the Expense model?

MatthewOP•2y ago

MatthewOP•2y ago

What is the LSP?

awcodes•2y ago

also you don't need both HasRoles and HasFilamentShield on your User model. HasFilamentShield includes the HasRoles trait.

MatthewOP•2y ago

I was thinking maybe tweaking the policies. but that hasnt done anything so far

awcodes•2y ago

LSP is the language service provider. In you case it's Intelephense. Bring up the command pallet and search for the command in the picture. That should help.

MatthewOP•2y ago

yep the error disappeared now haha

awcodes•2y ago

You would need a custom permission to achieve that and still check it on the field. That's not really a Policy level autorization.

MatthewOP•2y ago

Im honestly quite confused 😦 How would I create a custom permission just for the model Expense? The resource should have HasShieldPermissions

MatthewOP•2y ago

I can create a custom permission, but how do I assign it to a function, to... do something

awcodes•2y ago

https://github.com/bezhanSalleh/filament-shield#custom-permissions

MatthewOP•2y ago

yeah. ive already read it, but it seems im at a roadblock

class ExpensePolicy
{
    use HandlesAuthorization;

    /**
     * Determine whether the user can reorder.
     *
     * @param  \App\Models\User  $user
     * @return \Illuminate\Auth\Access\Response|bool
     */
    public function status(User $user)
    {
        return $user->can('can_edit_status');
    }
}

class ExpensePolicy
{
    use HandlesAuthorization;

    /**
     * Determine whether the user can reorder.
     *
     * @param  \App\Models\User  $user
     * @return \Illuminate\Auth\Access\Response|bool
     */
    public function status(User $user)
    {
        return $user->can('can_edit_status');
    }
}

MatthewOP•2y ago

MatthewOP•2y ago

MatthewOP•2y ago

MatthewOP•2y ago

But I cant edit the dropdown Hope you have some clue as to what I should do

awcodes•2y ago

Your permission is the wrong name. Based on how you se it up it would be ->can(‘status_expense’)

MatthewOP•2y ago

oh my god... It works! Thanks a million! :)

Gaming

Programming

Dropdown access depending on role