Razuro
Razuro
PostsComments
FFilament
Created by Razuro on 6/16/2024 in #❓┊help
Relationship model policies and authorisation on Select Form fields
Thank you both for the suggestions! I'm not trying to filter data depending on roles, the user either has access to it, or doesn't have access to it, so I don't have to worry about that. I took some time and read trough the docs more thoroughly and it seems even there the ->hidden() and ->disabled() options are used for access control in an example. So I will assume that if the policies are set up correctly it will block the user from saving or getting hidden/disabled fields. If anyone has this questions, there is more information here: https://filamentphp.com/docs/3.x/forms/fields/getting-started#disabling-a-field
8 replies
FFilament
Created by Razuro on 6/16/2024 in #❓┊help
Relationship model policies and authorisation on Select Form fields
My current implementation looks like this: 
Section::make('Location Information')->schema([

    Select::make('event_venue_id')
        ->relationship('eventVenue', 'name')
        ->createOptionForm(
            auth()->user()->can('create', EventVenue::class)
                ? EventVenue::getForm() : null
        )
        ->editOptionForm(fn($record) => auth()->user()->can('update', $record->eventVenue)
            ? EventVenue::getForm() : null
        )
        ->searchable()
        ->preload(),

    TextInput::make('participation_limit')
        ->integer()
        ->minValue(0),

])->hidden(auth()->user()->cannot('viewAny', EventVenue::class))
    ->columns(2)->columnSpan(1),
Section::make('Location Information')->schema([

    Select::make('event_venue_id')
        ->relationship('eventVenue', 'name')
        ->createOptionForm(
            auth()->user()->can('create', EventVenue::class)
                ? EventVenue::getForm() : null
        )
        ->editOptionForm(fn($record) => auth()->user()->can('update', $record->eventVenue)
            ? EventVenue::getForm() : null
        )
        ->searchable()
        ->preload(),

    TextInput::make('participation_limit')
        ->integer()
        ->minValue(0),

])->hidden(auth()->user()->cannot('viewAny', EventVenue::class))
    ->columns(2)->columnSpan(1),
Relationships: 
// EventVenue.php

public function events(): HasMany
{
    return $this->hasMany(Event::class);
}
// EventVenue.php

public function events(): HasMany
{
    return $this->hasMany(Event::class);
}
// Event.php

public function eventVenue(): belongsTo
{
    return $this->belongsTo(EventVenue::class);
}
// Event.php

public function eventVenue(): belongsTo
{
    return $this->belongsTo(EventVenue::class);
}
8 replies