Manuk Minasyan
Handling Eloquent Query Builder Serialization Securely Between Components
I'm building a Kanban board package with Filament and Livewire. My architecture has a Filament Page that creates an Eloquent query builder which is passed to a Kanban adapter, and then the adapter is passed to a Livewire component.
However, I'm hitting both serialization and security roadblocks: when Livewire attempts to hydrate/dehydrate the component state, it can't serialize the Eloquent query builder inside my adapter. Additionally, I'm concerned about securely handling database queries across component boundaries.
I've considered:
1. A registry pattern with server-side cache storage (most secure but adds complexity)
2. Custom serialization of query parameters (concerned about exposing query structure)
3. Stateless API-like approach with Alpine.js (better security boundaries)
4. Rebuilding queries on each request (potential for query parameter manipulation)
What's the recommended Livewire approach for securely handling non-serializable query builders when working across components? How do you balance security (not exposing database structure or query constraints to clients) with practical component design?
16 replies
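One way to combine options 2 and 4 from the question above, as an added example that is not part of the original post or of any Filament/Livewire API: only a signed descriptor (a query name plus allowlisted parameters) crosses the component boundary, and the query is rebuilt server-side. The `QueryDescriptor` class, the `tasks.board` name and its parameters are hypothetical; only PHP 8 built-ins are used.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: the descriptor is the only query state held by the component.
final class QueryDescriptor
{
    // Allowlist: named queries and the typed parameters each accepts (constructed names).
    private const ALLOWED = [
        'tasks.board' => ['project_id' => 'int', 'status' => 'string'],
    ];

    public static function seal(string $name, array $params, string $key): string
    {
        self::validate($name, $params);
        $payload = json_encode(['n' => $name, 'p' => $params], JSON_THROW_ON_ERROR);
        return base64_encode($payload) . '.' . hash_hmac('sha256', $payload, $key);
    }

    public static function open(string $token, string $key): array
    {
        [$b64, $mac] = array_pad(explode('.', $token, 2), 2, '');
        $payload = base64_decode($b64, true);
        // Constant-time MAC check before any parsing of client-supplied data.
        if ($payload === false || !hash_equals(hash_hmac('sha256', $payload, $key), $mac)) {
            throw new InvalidArgumentException('descriptor rejected');
        }
        $data = json_decode($payload, true, 8, JSON_THROW_ON_ERROR);
        self::validate($data['n'] ?? '', $data['p'] ?? []);
        return $data;
    }

    private static function validate(string $name, array $params): void
    {
        $spec = self::ALLOWED[$name] ?? throw new InvalidArgumentException('unknown query');
        if (array_diff_key($params, $spec) !== []) {
            throw new InvalidArgumentException('unexpected parameter');
        }
        foreach ($params as $k => $v) {
            if (!($spec[$k] === 'int' ? is_int($v) : is_string($v))) {
                throw new InvalidArgumentException("bad type for $k");
            }
        }
    }
}

// Constructed demo: the key stays in server-side configuration.
$key = random_bytes(32);
$token = QueryDescriptor::seal('tasks.board', ['project_id' => 7], $key);
$data = QueryDescriptor::open($token, $key); // server maps $data['n'] to the code that builds the real query
$forged = base64_encode('{"n":"tasks.board","p":{"project_id":8}}') . '.' . explode('.', $token)[1];
try { QueryDescriptor::open($forged, $key); } catch (InvalidArgumentException $e) { echo $e->getMessage(), PHP_EOL; }
```

The payload is signed, not encrypted, so the query name and parameter values remain readable by the client; table and column names never leave the server because they live only in the code that the name maps to.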