This plugin is built on top of Spatie's Permission package.
Provides Resources for Roles and Permissions
Permission and Policy generations
- Check the
config/filament-spatie-roles-permissions-config.php
Supports permissions for teams
- Make sure the
teams
attribute in theconfig/permission.php
file is set totrue
After performing a composer update
, run
php artisan vendor:publish --tag="filament-spatie-roles-permissions-config" --force
Note that your existing settings will be overriden
You can install the package via composer:
composer require althinect/filament-spatie-roles-permissions
Since the package depends on Spatie's Permission package. You have to publish the migrations by running:
php artisan vendor:publish --provider="Spatie\Permission\PermissionServiceProvider"
Add the plugin to the AdminPanelProvider
use Althinect\FilamentSpatieRolesPermissions\FilamentSpatieRolesPermissionsPlugin;
$panel
...
->plugin(FilamentSpatieRolesPermissionsPlugin::make())
Now you should add any other configurations needed for the Spatie-Permission package.
Note: This will override your existing config file. You can publish the config file of the package with:
php artisan vendor:publish --tag="filament-spatie-roles-permissions-config" --force
You can publish translations with:
php artisan vendor:publish --tag="filament-spatie-roles-permissions-translations"
Don't forget to add the HasRoles
trait to your User model.
// The User model requires this trait
use HasRoles;
You can add the following to your form method in your UserResource
return $form->schema([
Select::make('roles')->multiple()->relationship('roles', 'name')
])
In addition to the field added to the UserResource. There will be 2 Resources published under Roles and Permissions. You can use these resources manage roles and permissions.
You can generate Permissions by running
php artisan permissions:sync
This will not delete any existing permissions. However, if you want to delete all existing permissions, run
php artisan permissions:sync -C|--clean
There may be an occassion where you wish to hard reset and truncate your existing permissions. To delete all permissions and reset the primary key, run
php artisan permissions:sync -H|--hard
If you have a Post model, it will generate the following permissions
view-any Post
view Post
create Post
update Post
delete Post
restore Post
force-delete Post
replicate Post
reorder Post
To generate policies use the command below. This won't replace any existing policies
php artisan permissions:sync -P|--policies
This will override existing policy classes
php artisan permissions:sync -O|--oep
Create a RolePolicy and PermissionPolicy if you wish to control the visibility of the resources on the navigation menu. Make sure to add them to the AuthServiceProvider.
ℹ️ Info: Laravel 11 removed
AuthServiceProvider
, so, in this case, we need to useAppServiceProvider
instead.
use App\Policies\RolePolicy;
use App\Policies\PermissionPolicy;
use Spatie\Permission\Models\Role;
use Spatie\Permission\Models\Permission;
Gate::policy(Role::class, RolePolicy::class);
Gate::policy(Permission::class, PermissionPolicy::class);
You can ignore any prompts by add the flag -Y
or --yes-to-all
Recommended only for new projects as it will replace Policy files
php artisan permissions:sync -COPY
- Create a Role with the name
Super Admin
and assign the role to a User - Add the following trait to the User Model
use Althinect\FilamentSpatieRolesPermissions\Concerns\HasSuperAdmin;
class User extends Authenticatable{
...
use HasSuperAdmin;
- In the
boot
method of theAuthServiceProvider
add the following
Gate::before(function (User $user, string $ability) {
return $user->isSuperAdmin() ? true: null;
});
When you use any guard other than web
you have to add the guard name to the config/auth.php
file.
Example: If you use api
guard, you should add the following to the guards
array
'guards' => [
...
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
],
- Make sure to set the following on the
config/permission.php
'teams' => true
- Make sure the
team_model
on theconfig/permission
is correctly set. - Create a Role model which extends
Spatie\Permission\Models\Role
- Replace the model in the
config/permission.php
with the newly created models - Add the
team
relationship in both models
...
public function team(): BelongsTo
{
return $this->belongsTo(Team::class);
}
- Add the following to the
AdminPanelProvider
to support tenancy
use Althinect\FilamentSpatieRolesPermissions\Middleware\SyncSpatiePermissionsWithFilamentTenants;
$panel
...
->tenantMiddleware([
SyncSpatiePermissionsWithFilamentTenants::class,
], isPersistent: true)
- Use the following within you UserResource
Forms\Components\Select::make('roles')
->relationship(name: 'roles', titleAttribute: 'name')
->saveRelationshipsUsing(function (Model $record, $state) {
$record->roles()->syncWithPivotValues($state, [config('permission.column_names.team_foreign_key') => getPermissionsTeamId()]);
})
->multiple()
->preload()
->searchable(),
Follow the instructions on Filament Multi-tenancy
In the filament-spatie-roles-permissions.php config file, you can customize the permission generation
If you discover any security related issues, please create an issue.
The MIT License (MIT). Please see License File for more information.
This package was generated using the Laravel Package Boilerplate.