Filament•2mo ago

Panel ACL in local development

Is there a way to disable the ability for any user to access a panel when running locally and instead have the production behaviour consistently?

8 Replies

IllizianOP•2mo ago

also; FWIW, that seems like a very bizarre decision. is there a reason behind the choice for it to act differently locally?

Mohamed Ayaou•2mo ago

Yes. for devs experience just switch the environment in your .env file to production and that's it

IllizianOP•2mo ago

Hard disagree. How are you meant to test ACL if it just ignores it

Mohamed Ayaou•2mo ago

Just set environment to production

IllizianOP•2mo ago

An---yway.... I'll await confirmation that this definitely can't be disabled and then PR it in haha

Lara Zeus•2mo ago

abort_if(
$user instanceof FilamentUser ?
    (! $user->canAccessPanel($panel)) :
    (config('app.env') !== 'local'),
403,
);

abort_if(
$user instanceof FilamentUser ?
    (! $user->canAccessPanel($panel)) :
    (config('app.env') !== 'local'),
403,
);

I think this means only check for the env if the user model not an instance of FilamentUser

IllizianOP•2mo ago

Yeah, if it's a FilamentUser, it uses the method you have to implement, but if it's not then it falls through to app env. I think that app.env is an anti pattern, honestly. I might open a PR purely to open it up to a conversation. Thanks for checking. Could you link me to that?

Lara Zeus•2mo ago

Filament\Http\Middleware\Authenticate:32

Gaming

Programming

Panel ACL in local development

Did you find this page helpful?