When to move from different panels to user permissions.
I have the following situation:
there is an invoices resource.
admins can view and edit all invoices
users can view and create invoices assingned to them
managers view all invoices but not create new ones.
my current implementation is to create a new panel for every user type, I am wondering if implementing user roles is worth it at the moment or should I stick with the current implementation.
If I should go with user permissions what plugin should I use / does filament have a permission system of it's own?
4 Replies
Filament uses policies for most of the actions. If it's not there, you can usually add it via
->hidden()
attribute on a lot of things.
There is Shield plugin that seems to be quite popular.
As for when to move into different panels - that depends. In my eyes, I would only move to different panels if the forms differ. For example, it's not just limited who can do what with a resource, but which resources are managed by who. In your case, it seems like you focus on invoices and specific actions around them, so I'm not sure if it's the best option to split yet.the main difference between the invoice resource for admins and regular users is this line:
now that I think about it I could add a condition to apply this only if the logged in user is not an admin, but as the app grows I am sure I'll need to add more roles so this conditional will grow..
You can add scopes for that, but I would not worry about this until you see the need. Unless you already know that it's going to be there 100% - then probably implementing something to manage it - would be beneficial
sounds good, thanks for the help