This plugin is built on top of Spatie's Permission package.
Provides Resources for Roles and Permissions
Permission and Policy generations
config/filament-spatie-roles-permissions-config.php
Supports permissions for teams
teams
attribute in the config/permission.php
file is set to true
After performing a composer update
, run
php artisan vendor:publish --tag="filament-spatie-roles-permissions-config" --force
Note that your existing settings will be overriden
You can install the package via composer:
composer require althinect/filament-spatie-roles-permissions
Since the package depends on Spatie's Permission package. You have to publish the migrations by running:
php artisan vendor:publish --provider="Spatie\Permission\PermissionServiceProvider"
Add the plugin to the AdminPanelProvider
use Althinect\FilamentSpatieRolesPermissions\FilamentSpatieRolesPermissionsPlugin; $panel ... ->plugin(FilamentSpatieRolesPermissionsPlugin::make())
Now you should add any other configurations needed for the Spatie-Permission package.
Note: This will override your existing config file. You can publish the config file of the package with:
php artisan vendor:publish --tag="filament-spatie-roles-permissions-config" --force
You can publish translations with:
php artisan vendor:publish --tag="filament-spatie-roles-permissions-translations"
Don't forget to add the HasRoles
trait to your User model.
// The User model requires this traituse HasRoles;
You can add the following to your form method in your UserResource
return $form->schema([ Select::make('roles')->multiple()->relationship('roles', 'name')])
In addition to the field added to the UserResource. There will be 2 Resources published under Roles and Permissions. You can use these resources manage roles and permissions.
You can generate Permissions by running
php artisan permissions:sync
This will not delete any existing permissions. However, if you want to delete all existing permissions, run
php artisan permissions:sync -C|--clean
There may be an occassion where you wish to hard reset and truncate your existing permissions. To delete all permissions and reset the primary key, run
php artisan permissions:sync -H|--hard
If you have a Post model, it will generate the following permissions
view-any Postview Postcreate Postupdate Postdelete Postrestore Postforce-delete Postreplicate Postreorder Post
To generate policies use the command below. This won't replace any existing policies
php artisan permissions:sync -P|--policies
This will override existing policy classes
php artisan permissions:sync -O|--oep
Create a RolePolicy and PermissionPolicy if you wish to control the visibility of the resources on the navigation menu. Make sure to add them to the AuthServiceProvider.
ℹ️ Info: Laravel 11 removed
AuthServiceProvider
, so, in this case, we need to useAppServiceProvider
instead.
use App\Policies\RolePolicy;use App\Policies\PermissionPolicy;use Spatie\Permission\Models\Role;use Spatie\Permission\Models\Permission; Gate::policy(Role::class, RolePolicy::class);Gate::policy(Permission::class, PermissionPolicy::class);
You can ignore any prompts by add the flag -Y
or --yes-to-all
Recommended only for new projects as it will replace Policy files
php artisan permissions:sync -COPY
Super Admin
and assign the role to a Useruse Althinect\FilamentSpatieRolesPermissions\Concerns\HasSuperAdmin; class User extends Authenticatable{ ...use HasSuperAdmin;
boot
method of the AuthServiceProvider
add the followingGate::before(function (User $user, string $ability) { return $user->isSuperAdmin() ? true: null;});
When you use any guard other than web
you have to add the guard name to the config/auth.php
file.
Example: If you use api
guard, you should add the following to the guards
array
'guards' => [ ... 'api' => [ 'driver' => 'token', 'provider' => 'users', 'hash' => false, ],],
config/permission.php
'teams' => true
team_model
on the config/permission
is correctly set.Spatie\Permission\Models\Role
config/permission.php
with the newly created modelsteam
relationship in both models...public function team(): BelongsTo{ return $this->belongsTo(Team::class);}
AdminPanelProvider
to support tenancyuse Althinect\FilamentSpatieRolesPermissions\Middleware\SyncSpatiePermissionsWithFilamentTenants; $panel ... ->tenantMiddleware([ SyncSpatiePermissionsWithFilamentTenants::class, ], isPersistent: true)
Forms\Components\Select::make('roles') ->relationship(name: 'roles', titleAttribute: 'name') ->saveRelationshipsUsing(function (Model $record, $state) { $record->roles()->syncWithPivotValues($state, [config('permission.column_names.team_foreign_key') => getPermissionsTeamId()]); }) ->multiple() ->preload() ->searchable(),
Follow the instructions on Filament Multi-tenancy
In the filament-spatie-roles-permissions.php config file, you can customize the permission generation
If you discover any security related issues, please create an issue.
The MIT License (MIT). Please see License File for more information.
This package was generated using the Laravel Package Boilerplate.