Filament•15mo ago

Enable relational manager table actions based on a policy

I have a policy for my notes table (which is only accessible through a different resource's relational manager) where I want to allow a record to be updated or deleted only by users that have authorization via said policy. Does anyone know how I can go about doing this? NotePolicy.php

<?php

namespace App\Policies;

use App\Models\Note;
use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;

class NotePolicy
{
    use HandlesAuthorization;

    public function update(User $user, Note $note): bool
    {
        return $user->id === $note->user_id;
    }

    public function delete(User $user, Note $note): bool
    {
        return $user->id === $note->user_id;
    }

}

<?php

namespace App\Policies;

use App\Models\Note;
use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;

class NotePolicy
{
    use HandlesAuthorization;

    public function update(User $user, Note $note): bool
    {
        return $user->id === $note->user_id;
    }

    public function delete(User $user, Note $note): bool
    {
        return $user->id === $note->user_id;
    }

}

NotesRelationalManager.php (current, non-working attempt)

...

  ->actions([
    Tables\Actions\ViewAction::make(),
    Tables\Actions\EditAction::make()
      ->visible(auth()->user()->can('update', $this)),
    Tables\Actions\DeleteAction::make()
      ->visible(auth()->user()->can('update', $this)),
  ])
...

...

  ->actions([
    Tables\Actions\ViewAction::make(),
    Tables\Actions\EditAction::make()
      ->visible(auth()->user()->can('update', $this)),
    Tables\Actions\DeleteAction::make()
      ->visible(auth()->user()->can('update', $this)),
  ])
...

2 Replies

Patrick Boivin•15mo ago

Maybe something like this

->visible(fn ($record) => auth()->user()->can('update', $record)),

->visible(fn ($record) => auth()->user()->can('update', $record)),

FinnOP•15mo ago

this worked! thank you 😄

Gaming

Programming

Enable relational manager table actions based on a policy