F
Filamentβ€’13mo ago
Kanalaetxebarria

How to enforce policy on list pages

Hi, I noticed that the view() method of the policies doesn't work on the ListPages. What would be a good way to enforce some authorization on the ListPages?
7 Replies
awcodes
awcodesβ€’13mo ago
viewAny() that will restrict access to the whole page
Kanalaetxebarria
Kanalaetxebarriaβ€’13mo ago
That won't do it. I need different users to only be able to see their own records. Normally I'd use a policy like $user->id === $product->vendor_id. But it doesn't seem to work on the list pages
awcodes
awcodesβ€’13mo ago
ah, that would need to be handled with the query on the ListRecords class. on tables the policies only limits what actions can be taken against the records.
Kanalaetxebarria
Kanalaetxebarriaβ€’13mo ago
Great! How can I modify that? The class seems to be burried in the vendor directory
awcodes
awcodesβ€’13mo ago
It's on ListPages. Assuming 'Page' is your resource, that's the one that extends ListRecords. You can override the query there. 
protected function getTableQuery(): Builder
{
    return parent::getTableQuery()->extraMethods();
}
protected function getTableQuery(): Builder
{
    return parent::getTableQuery()->extraMethods();
}
Kanalaetxebarria
Kanalaetxebarriaβ€’13mo ago
Great, thanks! πŸ™‚
Kanalaetxebarria
Kanalaetxebarriaβ€’13mo ago
For anybody else looking for this, you can also modify the query for the entire resource: https://filamentphp.com/docs/2.x/admin/resources/listing-records#customizing-the-eloquent-query
Filament
Listing records - Resources - Admin Panel - Filament
The elegant TALL stack admin panel for Laravel artisans.
Want results from more Discord servers?
Add your server
More Posts
Refactoring closures into a trait (or some other structure)I have a very large form with tonnes of dependant fields, dynamic hints, options etc. The entire forIs there a way to "stack" filters?For example if I have a select filter that shows "Book 1, Book 2, Book 3" and then I have a second sError 401 on upload in Filament AdminLog file at: https://paste.laravel.io/6d98bbfc-28ec-44b1-8774-99f012e06cc0 Getting an 401 on the XHSelect::searchable() is not reactive?Here's my screen record: https://www.loom.com/share/67e1b9b57e174bf3bc727ff7802d822c The rest of thHelp with reactive viewI created a basic greeting card maker that uses two models Design (for the content) and Template (foRe-size the Widgets Card to 3 Column/GridBasically i dont want the Widgets to take full space above the Table . I did try using getHeaderWidgJSON Values and Hidden FieldsI am using the following fields attached (statePath) to a JSON column: ```php Grid::make(2)->statePSection CollapseSection::make('Heading') ->schema([ // ... ]) ->collapsed() how to make sectioncan i create a form in app/Filament/Pages/CreateModelname.php?A form which i use only to create a record? i tried: ```php <?php namespace App\Filament\ResourceCheckboxList group optionsI have this checkbox list ```CheckboxList::make('amenities') ->label('') ->columns(5)