F
Filament5mo ago
pace

Handling Users with No Permissions

I am using Filament Shield to allow the admin to manage user roles and permissions. However, after login, if a user doesn't have permission to access any resources, no 403 error message is displayed, and the user is redirected in an infinite loop to /admin. What I want to achieve is to show a 403 error page when the user doesn't have permission to access any resources. I attempted to create a middleware to check if the user has access to any menu items:
public function handle(Request $request, Closure $next)
{
if (auth()->user()) {
$navigationManager = new NavigationManager;
$navigation = $navigationManager->getNavigationItems();

if (empty($navigation)) {
abort(403, 'No navigation items are available for the authenticated user. Please contact the system administrator.');
}
}

return $next($request);
}
public function handle(Request $request, Closure $next)
{
if (auth()->user()) {
$navigationManager = new NavigationManager;
$navigation = $navigationManager->getNavigationItems();

if (empty($navigation)) {
abort(403, 'No navigation items are available for the authenticated user. Please contact the system administrator.');
}
}

return $next($request);
}
However, when this middleware is invoked, the NavigationManager doesn’t return any items, regardless of the user's permissions. It seems that the NavigationManager might not be booted or loaded at this point. How can I ensure the navigation items are loaded before the middleware runs? Or is there another solution to handle this issue? Any advice would be greatly appreciated. Thanks!
1 Reply
awcodes
awcodes5mo ago
You should check if the user has any roles or permissions in the canAccessFilament() method on User model.
Want results from more Discord servers?
Add your server