F
Filamentβ€’8mo ago
Sorin

Where is the Filament\Actions\Concerns\CanBeHidden::authorize() method in the documentation ?

Hello. I was looking through Filament's documentation, and I have found no mentions of the authorize() method. I want to use this method to allow only admins to click a certain button in my infolist view, and I'm not sure if the authorize() method only hides the button, or if a non-admin user calls the endpoint, they'll get a 403. Does anybody know where in the docs this method is explained ? Thank you πŸ˜„
6 Replies
LeandroFerreira
LeandroFerreiraβ€’8mo ago
Sorin
SorinOPβ€’8mo ago
Thank you for the response. I don't see the authorize() method on the page that you've provided. My code looks something like this: 
Action::make('Accept')->authorize(fn (Request $request): bool => $request->status === RequestStatus::PENDING && auth()->user()->isAdmin()),
Action::make('Accept')->authorize(fn (Request $request): bool => $request->status === RequestStatus::PENDING && auth()->user()->isAdmin()),
, and Action is: Filament\Infolists\Components\Actions\Action
LeandroFerreira
LeandroFerreiraβ€’8mo ago
not sure if I can explain it, but I believe using authorize is an alternative for controlling action visibility based on policies, abilities... you can use as your example and ->visible() or ->hidden() will have the same result.
Sorin
SorinOPβ€’8mo ago
Hmm, oke. Do you know if they also throw a 403 if an unauthorised user tries to send a request to the action, or only hide the action button ?
LeandroFerreira
LeandroFerreiraβ€’8mo ago
only hide I think
Sorin
SorinOPβ€’8mo ago
It would make sense, based on the name of the methods. Thank you very much for the answers.
Want results from more Discord servers?
Add your server