F
Filament2mo ago
Jamie Cee

Saving relationships

I have a relationship set in my User form for managing roles, however I want to add some logic for role checking to make it so admins cant modify super admin roles and other roles cant modify admin and super admin roles etc
Solution:
I would suggest you use a rule instead and prevent it?
Jump to solution
6 Replies
Jamie Cee
Jamie CeeOP2mo ago
        return Select::make('roles')
            ->preload()
            ->multiple()
            ->searchable()
            ->disabled(
                function ($context, $record) {
                    if ($context == 'edit' && $record->trashed()) {
                        return true;
                    }

                    return false;
                }
            )
            ->disableOptionWhen(fn(string $value): bool => $value === RolesEnum::SUPER_ADMIN && !auth()->user()->isSuperAdmin())
            ->saveRelationshipsUsing(function ($record, $relationship, $values) {
                dd($values, $record);
                $record->syncRoles($values);
            })
            ->relationship(
                name: 'roles',
                titleAttribute: 'name',
                modifyQueryUsing: function ($query, $record) {
                    $roles = RolesEnum::allRoles();

                    if (auth()->user()) {
                        if ($record->isSuperAdmin() && $record == auth()->user()) {
                            unset($roles[array_search(RolesEnum::SUPER_ADMIN->value, $roles)]);
                        }

                        /* If user isn't a super admin, no role should have access to it */
                        if (!auth()->user()->isSuperAdmin()) {
                            unset($roles[array_search(RolesEnum::SUPER_ADMIN->value, $roles)]);
                        }

                        /* Users without the admin role, shouldnt be allowed to add/remove the admin role */
                        if (!auth()->user()->isAdmin()) {
                            unset($roles[array_search(RolesEnum::ADMIN->value, $roles)]);
                        }
                    }

                    return $query->whereIn('name', $roles);
                }
            )
        return Select::make('roles')
            ->preload()
            ->multiple()
            ->searchable()
            ->disabled(
                function ($context, $record) {
                    if ($context == 'edit' && $record->trashed()) {
                        return true;
                    }

                    return false;
                }
            )
            ->disableOptionWhen(fn(string $value): bool => $value === RolesEnum::SUPER_ADMIN && !auth()->user()->isSuperAdmin())
            ->saveRelationshipsUsing(function ($record, $relationship, $values) {
                dd($values, $record);
                $record->syncRoles($values);
            })
            ->relationship(
                name: 'roles',
                titleAttribute: 'name',
                modifyQueryUsing: function ($query, $record) {
                    $roles = RolesEnum::allRoles();

                    if (auth()->user()) {
                        if ($record->isSuperAdmin() && $record == auth()->user()) {
                            unset($roles[array_search(RolesEnum::SUPER_ADMIN->value, $roles)]);
                        }

                        /* If user isn't a super admin, no role should have access to it */
                        if (!auth()->user()->isSuperAdmin()) {
                            unset($roles[array_search(RolesEnum::SUPER_ADMIN->value, $roles)]);
                        }

                        /* Users without the admin role, shouldnt be allowed to add/remove the admin role */
                        if (!auth()->user()->isAdmin()) {
                            unset($roles[array_search(RolesEnum::ADMIN->value, $roles)]);
                        }
                    }

                    return $query->whereIn('name', $roles);
                }
            )
            ->afterStateUpdated(
                function ($state, $record, $context) {
                    dd($state, $record, $context);
                    if ($context == 'create') {
                        return $state;
                    }

                    if (
                        $record->isSuperAdmin()
                        && $record == auth()->user()
                    ) {
                        $state = array_merge($state, [RolesEnum::SUPER_ADMIN]);
                    }

                    return $state;
                }
            );
            ->afterStateUpdated(
                function ($state, $record, $context) {
                    dd($state, $record, $context);
                    if ($context == 'create') {
                        return $state;
                    }

                    if (
                        $record->isSuperAdmin()
                        && $record == auth()->user()
                    ) {
                        $state = array_merge($state, [RolesEnum::SUPER_ADMIN]);
                    }

                    return $state;
                }
            );
My issue is that I cant seem to modify the logic before saving. I can remove the roles from the dropdown, but the saveRelationshipUsing where I have a dd() never gets hit
Solution
toeknee
toeknee2mo ago
I would suggest you use a rule instead and prevent it?
Jamie Cee
Jamie CeeOP2mo ago
Ah yeah, that makes sense.\
Jamie Cee
Jamie CeeOP2mo ago
Actually got another question with this. So the rule validation works and stops me from being allowed to remove my role. But I've also added a disableOptionWhen so that it cant be touched, but doesn't seem to be exactly what im after... in the case of, when a user is already admin, I want them to see admin selected but remove the ability to click the x that removes it
No description
Jamie Cee
Jamie CeeOP2mo ago
So I realise the disableOptionWhen is for the preventing of selecting from the list, so don't think that is exactly what im after
toeknee
toeknee2mo ago
Yeah…. It’s not really what you’re after, why not just hide the role? so they can’t remove it/see their primary role

Did you find this page helpful?