Filament•7mo ago

Access Control for the Resource?

I am working on "ItrepairResource", and I want regular users to only be able to view the record after submitting the form. Only specific users who have roles such as 'Admin', 'AW4', 'AW5', 'NA_PT', 'IA_PT' (Auth::user()->roles()->whereIn('type', ['Admin', 'AW4', 'AW5', 'NA_PT', 'IA_PT'])->exists()) should be able to go to the Edit page and make edits. Where should I implement this feature? The attachment is my ItrepairResource.

ItrepairResource.php

3 Replies

Povilas K•7mo ago

It should be handled by Laravel Policies https://filamentphp.com/docs/3.x/panels/resources/getting-started#authorization

Getting started - Panel Builder - Filament

Povilas K•7mo ago

Users may access the Edit page if the update() method of the model policy returns true. https://filamentphp.com/docs/3.x/panels/resources/editing-records#authorization

Editing records - Panel Builder - Filament

Dennis Koch•7mo ago

You probably also want to override the table query to limit the shown entries.

Gaming

Programming

Access Control for the Resource?