Filament•16mo ago

Access to panel

Hi, How can I set a condition (based on user role for example) to deny users to access to a specific panel? thanks 🙂 without using a middleware

21 Replies

Patrick Boivin•16mo ago

Probably this https://filamentphp.com/docs/3.x/panels/users#authorizing-access-to-the-panel

Users - Panel Builder - Filament

BKF DevOP•16mo ago

Thanks for answer, unfortunately this is for all panels, but I need for only panel X Am I wrong ?

Patrick Boivin•16mo ago

Yes, it's for all panels. There are other options to do it per-panel. It's on the same page in the docs.

BKF DevOP•16mo ago

Could you please share it with me, sorry I didn't get it :/

Patrick Boivin•16mo ago

Let's backtrack a little bit, you have many panels, and you want to limit access for one specific pannel?

BKF DevOP•16mo ago

Yes, one or many ofc

Patrick Boivin•16mo ago

~~Maybe this https://filamentphp.com/docs/3.x/panels/users#setting-the-authentication-guard~~

BKF DevOP•16mo ago

I see, do you know what is an authentication guard 🙂

Patrick Boivin•16mo ago

lol, yes I got that wrong

BKF DevOP•16mo ago

hhh it's okey but really I appreciate your assistance 🙂

Patrick Boivin•16mo ago

1 sec If you want to go with canAccessPanel(), you can check the current panel with filament()->getCurrentPanel()

BKF DevOP•16mo ago

Yes there's a solution but not nice for me, use that function and set a loop or may be a switch

Patrick Boivin•16mo ago

Ok, it sounds like you know what you're doing. I'll be curious to know your solution when you have it, if you want to share it.

BKF DevOP•16mo ago

What I hope to see is a function on Panel, something like this ->canAccess(bool) 🙂 Waiting for a filament member to assist us

darkdev0821•16mo ago

Curious about this too, different panels and different user role access would be great! 🙂

Emil | Emien•16mo ago

I use a Middleware

class IsAdmin
{
    public function handle(Request $request, Closure $next): Response
    {
        if (Auth::user() && !Auth::user()->is_admin) {
            abort(403, 'Access denied');
        }

        return $next($request);
    }
}

class IsAdmin
{
    public function handle(Request $request, Closure $next): Response
    {
        if (Auth::user() && !Auth::user()->is_admin) {
            abort(403, 'Access denied');
        }

        return $next($request);
    }
}

And then added it to the middleware() on the panel.

darkdev0821•16mo ago

  public function canAccessPanel(Panel $panel): bool
    {
        if ($panel->isDefault()) {
            return $this->is_admin;
        } else {
            return true;
        }
    }

what about this? and have the admin(main one as default)? would it be a light check? rather than a middleware? this won't really help on multiple pannels, but I saw in the ServiceProvider that it has a default method

BKF DevOP•16mo ago

Thanks, and yes I've already made it like that

darkdev0821•16mo ago

so probably the Middleware is the best and the easiest to do thanks

Disouric•16mo ago

  public function canAccessPanel(\Filament\Panel $panel): bool
  {
      if ($panel->getId() === "app") {
          return XXX;
      } else if ($panel->getId() === "production") {
          return XXX;
      }

      return XXX;
  }

  public function canAccessPanel(\Filament\Panel $panel): bool
  {
      if ($panel->getId() === "app") {
          return XXX;
      } else if ($panel->getId() === "production") {
          return XXX;
      }

      return XXX;
  }

in the model ^

HL•16mo ago

use Filament\Http\Middleware\Authenticate;
use App\Http\Middleware\Admin;

...
$panel
...
->authMiddleware([
                Authenticate::class,
                Admin::class,
            ])

use Filament\Http\Middleware\Authenticate;
use App\Http\Middleware\Admin;

...
$panel
...
->authMiddleware([
                Authenticate::class,
                Admin::class,
            ])

This is probably the cleanest if you have the admin middleware

Gaming

Programming

Access to panel