Filament•15mo ago

Filament Shield, how to create different permissions in same role

Hi There, i am using Filament Shield, my question is: how to create different permissions in same role? example: Role: USER Permission

User: John Resources: Brand Can: Create, Read, Update

User: Doe Resources: Brand Can: Read, Update, Delete

how to achieve that? Thankyou

Solution:

yes, thankyou @Vp for your help i use php artisan permission:show to list out all of the permission and i wrong , not view_any::users but view_any_other::user because i put User.php in 'other'...

Jump to solution

17 Replies

Vp•15mo ago

Ask in #shield but I don't think it's possible so suggested you to create two roles. Eg: 1. Brand_Creator (create, read, update), 2. Brand_Del (read, update, delete) etc.. and assign different roles on different user And please don't spam your question.. you need to be patient

wandiapriantoOP•15mo ago

thankyou for your answer Sir, i have another question Sir,

why user resources doesn't show in navbar?

this is my User.php (app > models > User.php)

use Spatie\Permission\Traits\HasRoles;
use Filament\Models\Contracts\FilamentUser;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use BezhanSalleh\FilamentShield\Traits\HasPanelShield;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable implements HasTenants, MustVerifyEmail, FilamentUser
{
    use HasApiTokens;
    use HasFactory;
    use Notifiable;
    use HasRoles;
    use HasPanelShield;
   
    ...

use Spatie\Permission\Traits\HasRoles;
use Filament\Models\Contracts\FilamentUser;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use BezhanSalleh\FilamentShield\Traits\HasPanelShield;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable implements HasTenants, MustVerifyEmail, FilamentUser
{
    use HasApiTokens;
    use HasFactory;
    use Notifiable;
    use HasRoles;
    use HasPanelShield;
   
    ...

and this is my UserPolicy.php (app > policies > UserPolicy.php)

<?php

namespace App\Policies;

use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;

class UserPolicy
{
    use HandlesAuthorization;

    public function viewAny(User $user): bool
    {
        return $user->can('view_any::user');
    }

    public function view(User $user): bool
    {
        return $user->can('view::user');
    }

    public function create(User $user): bool
    {
        return $user->can('create::user');
    }
    
    ...

}

<?php

namespace App\Policies;

use App\Models\User;
use Illuminate\Auth\Access\HandlesAuthorization;

class UserPolicy
{
    use HandlesAuthorization;

    public function viewAny(User $user): bool
    {
        return $user->can('view_any::user');
    }

    public function view(User $user): bool
    {
        return $user->can('view::user');
    }

    public function create(User $user): bool
    {
        return $user->can('create::user');
    }
    
    ...

}

and my AuthServiceProvider:

protected $policies = [
    ...
    'App\Models\User' => 'App\Policies\UserPolicy',
    'Spatie\Permission\Models\Role' => 'App\Policies\RolePolicy',
    ...
];

protected $policies = [
    ...
    'App\Models\User' => 'App\Policies\UserPolicy',
    'Spatie\Permission\Models\Role' => 'App\Policies\RolePolicy',
    ...
];

can you help me Sir?

wandiapriantoOP•15mo ago

it must be appear below of "Youtubes" Menu (Other)

Vp•15mo ago

Post user resource

wandiapriantoOP•15mo ago

ManageUsers.php (app > filament > resources > other > userresource > pages)

<?php

namespace App\Filament\Resources\Other\UserResource\Pages;

use App\Filament\Resources\Other\UserResource;
use Filament\Resources\Pages\ManageRecords;

class ManageUsers extends ManageRecords
{
    protected static string $resource = UserResource::class;

    protected function getActions(): array
    {
        return [
            \Filament\Actions\CreateAction::make(),
        ];
    }
}

<?php

namespace App\Filament\Resources\Other\UserResource\Pages;

use App\Filament\Resources\Other\UserResource;
use Filament\Resources\Pages\ManageRecords;

class ManageUsers extends ManageRecords
{
    protected static string $resource = UserResource::class;

    protected function getActions(): array
    {
        return [
            \Filament\Actions\CreateAction::make(),
        ];
    }
}

UserResource.php (app > filament > resources > other)

<?php

namespace App\Filament\Resources\Other;

use App\Filament\Resources\Other\UserResource\Pages;
use App\Models\User;
use Filament\Forms;
use Filament\Forms\Form;
use Filament\Infolists\Components;
use Filament\Infolists\Components\TextEntry;
use Filament\Infolists\Infolist;
use Filament\Resources\Resource;
use Filament\Tables;
use Filament\Tables\Table;

class UserResource extends Resource
{
    protected static ?string $model = User::class;
    protected static ?string $slug = 'other/users';
    protected static ?string $recordTitleAttribute = 'name';
    protected static ?string $navigationGroup = 'Other';
    protected static ?string $navigationIcon = 'heroicon-o-circle-stack';
    protected static ?int $navigationSort = 3;

    public static function form(Form $form): Form
    {
        return $form
            ->schema([
                Forms\Components\TextInput::make('name')
                    ->required()
                    ->unique(User::class, 'name', ignoreRecord: true),

                Forms\Components\Select::make('roles')
                    ->relationship('roles', 'name')
                    ->multiple()
                    ->preload()
                    ->searchable()
            ])->columns(1);
    }

    public static function table(Table $table): Table
    {
        ...
    }

    public static function infolist(Infolist $infolist): Infolist
    {
        ...
    }

    public static function getPages(): array
    {
        ...
    }
}

<?php

namespace App\Filament\Resources\Other;

use App\Filament\Resources\Other\UserResource\Pages;
use App\Models\User;
use Filament\Forms;
use Filament\Forms\Form;
use Filament\Infolists\Components;
use Filament\Infolists\Components\TextEntry;
use Filament\Infolists\Infolist;
use Filament\Resources\Resource;
use Filament\Tables;
use Filament\Tables\Table;

class UserResource extends Resource
{
    protected static ?string $model = User::class;
    protected static ?string $slug = 'other/users';
    protected static ?string $recordTitleAttribute = 'name';
    protected static ?string $navigationGroup = 'Other';
    protected static ?string $navigationIcon = 'heroicon-o-circle-stack';
    protected static ?int $navigationSort = 3;

    public static function form(Form $form): Form
    {
        return $form
            ->schema([
                Forms\Components\TextInput::make('name')
                    ->required()
                    ->unique(User::class, 'name', ignoreRecord: true),

                Forms\Components\Select::make('roles')
                    ->relationship('roles', 'name')
                    ->multiple()
                    ->preload()
                    ->searchable()
            ])->columns(1);
    }

    public static function table(Table $table): Table
    {
        ...
    }

    public static function infolist(Infolist $infolist): Infolist
    {
        ...
    }

    public static function getPages(): array
    {
        ...
    }
}

Vp•15mo ago

Weird, base on your code it should display.. any cache issue?

wandiapriantoOP•15mo ago

already clear cache using

 php artisan optimize

 php artisan optimize

but still not working, any solution Sir? or maybe i have wrong in my code?

DrByte•15mo ago

A resource won't show in the nav menu if the viewAny permission in the Policy returns false. Perhaps the user you're testing with doesn't have the permission?

wandiapriantoOP•15mo ago

@DrByte in this capture, the user already have the permission all of the permission in UserResources

wandiapriantoOP•15mo ago

DrByte•15mo ago

Try returning true from viewAny() in your UserPolicy.

wandiapriantoOP•15mo ago

okay Sir, i'll try

wandiapriantoOP•15mo ago

it's work Sir this is my code after modified

class UserPolicy
{
    use HandlesAuthorization;

    public function viewAny(User $user): bool
    {
        // return $user->can('view_any::user');
        return true;
    }

class UserPolicy
{
    use HandlesAuthorization;

    public function viewAny(User $user): bool
    {
        // return $user->can('view_any::user');
        return true;
    }

DrByte•15mo ago

Okay, then that means that either the user doesn't have the permission, or your can('view_any::user') is wrong. You will have to investigate why.

wandiapriantoOP•15mo ago

Okay, thankyou so much. i will investigate the permission.

Vp•15mo ago

It should be something like this view_any_user::other::user Just run shield:generate and it'll reformat the permission name..

Solution

wandiaprianto•15mo ago

yes, thankyou @Vp for your help i use php artisan permission:show to list out all of the permission and i wrong , not view_any::users but view_any_other::user because i put User.php in 'other'

Gaming

Programming

Filament Shield, how to create different permissions in same role

Did you find this page helpful?