README

Multi-panel aware ultra-fine-grained permissions for Laravel Filament to analyze, generate and inject into all classes and methods in the application.

What this package does

Generate list of almost all Filament component permissions
Automatically redefine classes to avoid conflict

Why I need this package

You have too many classes and methods to define permissions one by one
Default Filament authorization doesn't support multi-panel

What this package doesn't do

It doesn't provide complete solution for authorization
It's not meant for custom defined permissions, you need to define it yourself

Installation

You can install the package via composer:

composer require beranidigital/filament-access

You can publish the config file with:

php artisan vendor:publish --tag="filament-access-config"

Usage

\BeraniDigitalID\FilamentAccess\Facades\FilamentAccess::analyzeAll();

php artisan filament-access:generate
php artisan filament-access:hijack

How it works

It hooks into a class to correct the permission
The class will call Gate::authorize('viewAny', $correctArgument) with an example of App\Filament\Resources\MyResource as the argument
It's up to you to authorize it with your own custom logic

\Illuminate\Support\Facades\Gate::before(function ($user, $ability, $arguments) {
    $permission = \BeraniDigitalID\FilamentAccess\Facades\FilamentAccess::determinePermissionName($ability, $arguments);
    if (!$user->hasPermissionTo($permission)) {
        return false;
    }
    // continue to the next authorization logic
});

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security Vulnerabilities

Please review our security policy on how to report security vulnerabilities.

Credits

License

The MIT License (MIT). Please see License File for more information.

beranidigital / filament-access

Maintainers

Details