nebulae/roxane
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(add Roles & Permission for Users)
All checks were successful
Deploy Roxane to Preprod / deploy (push) Successful in 1m18s
Details

Browse Source
This commit is contained in:
Nebulae
2026-02-03 11:57:36 +01:00
parent f39651748d
commit 6a7a95f15b
16 changed files with 996 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
app/Filament/Resources/Users/Schemas/UserForm.php
View File

@@ -2,9 +2,12 @@
namespace App\Filament\Resources\Users\Schemas; namespace App\Filament\Resources\Users\Schemas;
use App\Models\User;
use Filament\Forms\Components\DateTimePicker; use Filament\Forms\Components\DateTimePicker;
use Filament\Forms\Components\Select;
use Filament\Forms\Components\TextInput; use Filament\Forms\Components\TextInput;
use Filament\Schemas\Schema; use Filament\Schemas\Schema;
use Illuminate\Support\Facades\Hash;
class UserForm class UserForm
{ {
@@ -13,15 +16,26 @@ class UserForm
return $schema return $schema
->components([ ->components([
TextInput::make('name') TextInput::make('name')
->label(User::getAttributeLabel('name'))
->required(), ->required(),
TextInput::make('email') TextInput::make('email')
->label(User::getAttributeLabel('email'))
->label('Email address') ->label('Email address')
->email() ->email()
->required(), ->required(),
DateTimePicker::make('email_verified_at'), DateTimePicker::make('email_verified_at')
->label(User::getAttributeLabel('email_verified_at')),
TextInput::make('password') TextInput::make('password')
->label(User::getAttributeLabel('password'))
->password() ->password()
->required(), ->dehydrated(fn ($state) => filled($state))
->dehydrateStateUsing(fn ($state) => Hash::make($state)),
Select::make('role')
->label(User::getAttributeLabel('role'))
->relationship('roles', 'name')
->multiple()
->preload()
->searchable()
]); ]);
} }
} }

70
app/Policies/MemberGroupPolicy.php Normal file
View File

@@ -0,0 +1,70 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use Illuminate\Foundation\Auth\User as AuthUser;
use App\Models\MemberGroup;
use Illuminate\Auth\Access\HandlesAuthorization;
class MemberGroupPolicy
{
use HandlesAuthorization;
public function viewAny(AuthUser $authUser): bool
{
return $authUser->can('ViewAny:MemberGroup');
}
public function view(AuthUser $authUser, MemberGroup $memberGroup): bool
{
return $authUser->can('View:MemberGroup');
}
public function create(AuthUser $authUser): bool
{
return $authUser->can('Create:MemberGroup');
}
public function update(AuthUser $authUser, MemberGroup $memberGroup): bool
{
return $authUser->can('Update:MemberGroup');
}
public function delete(AuthUser $authUser, MemberGroup $memberGroup): bool
{
return $authUser->can('Delete:MemberGroup');
}
public function restore(AuthUser $authUser, MemberGroup $memberGroup): bool
{
return $authUser->can('Restore:MemberGroup');
}
public function forceDelete(AuthUser $authUser, MemberGroup $memberGroup): bool
{
return $authUser->can('ForceDelete:MemberGroup');
}
public function forceDeleteAny(AuthUser $authUser): bool
{
return $authUser->can('ForceDeleteAny:MemberGroup');
}
public function restoreAny(AuthUser $authUser): bool
{
return $authUser->can('RestoreAny:MemberGroup');
}
public function replicate(AuthUser $authUser, MemberGroup $memberGroup): bool
{
return $authUser->can('Replicate:MemberGroup');
}
public function reorder(AuthUser $authUser): bool
{
return $authUser->can('Reorder:MemberGroup');
}
}

70
app/Policies/MemberPolicy.php Normal file
View File

@@ -0,0 +1,70 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use Illuminate\Foundation\Auth\User as AuthUser;
use App\Models\Member;
use Illuminate\Auth\Access\HandlesAuthorization;
class MemberPolicy
{
use HandlesAuthorization;
public function viewAny(AuthUser $authUser): bool
{
return $authUser->can('ViewAny:Member');
}
public function view(AuthUser $authUser, Member $member): bool
{
return $authUser->can('View:Member');
}
public function create(AuthUser $authUser): bool
{
return $authUser->can('Create:Member');
}
public function update(AuthUser $authUser, Member $member): bool
{
return $authUser->can('Update:Member');
}
public function delete(AuthUser $authUser, Member $member): bool
{
return $authUser->can('Delete:Member');
}
public function restore(AuthUser $authUser, Member $member): bool
{
return $authUser->can('Restore:Member');
}
public function forceDelete(AuthUser $authUser, Member $member): bool
{
return $authUser->can('ForceDelete:Member');
}
public function forceDeleteAny(AuthUser $authUser): bool
{
return $authUser->can('ForceDeleteAny:Member');
}
public function restoreAny(AuthUser $authUser): bool
{
return $authUser->can('RestoreAny:Member');
}
public function replicate(AuthUser $authUser, Member $member): bool
{
return $authUser->can('Replicate:Member');
}
public function reorder(AuthUser $authUser): bool
{
return $authUser->can('Reorder:Member');
}
}

70
app/Policies/MembershipPolicy.php Normal file
View File

@@ -0,0 +1,70 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use Illuminate\Foundation\Auth\User as AuthUser;
use App\Models\Membership;
use Illuminate\Auth\Access\HandlesAuthorization;
class MembershipPolicy
{
use HandlesAuthorization;
public function viewAny(AuthUser $authUser): bool
{
return $authUser->can('ViewAny:Membership');
}
public function view(AuthUser $authUser, Membership $membership): bool
{
return $authUser->can('View:Membership');
}
public function create(AuthUser $authUser): bool
{
return $authUser->can('Create:Membership');
}
public function update(AuthUser $authUser, Membership $membership): bool
{
return $authUser->can('Update:Membership');
}
public function delete(AuthUser $authUser, Membership $membership): bool
{
return $authUser->can('Delete:Membership');
}
public function restore(AuthUser $authUser, Membership $membership): bool
{
return $authUser->can('Restore:Membership');
}
public function forceDelete(AuthUser $authUser, Membership $membership): bool
{
return $authUser->can('ForceDelete:Membership');
}
public function forceDeleteAny(AuthUser $authUser): bool
{
return $authUser->can('ForceDeleteAny:Membership');
}
public function restoreAny(AuthUser $authUser): bool
{
return $authUser->can('RestoreAny:Membership');
}
public function replicate(AuthUser $authUser, Membership $membership): bool
{
return $authUser->can('Replicate:Membership');
}
public function reorder(AuthUser $authUser): bool
{
return $authUser->can('Reorder:Membership');
}
}

70
app/Policies/PackagePolicy.php Normal file
View File

@@ -0,0 +1,70 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use Illuminate\Foundation\Auth\User as AuthUser;
use App\Models\Package;
use Illuminate\Auth\Access\HandlesAuthorization;
class PackagePolicy
{
use HandlesAuthorization;
public function viewAny(AuthUser $authUser): bool
{
return $authUser->can('ViewAny:Package');
}
public function view(AuthUser $authUser, Package $package): bool
{
return $authUser->can('View:Package');
}
public function create(AuthUser $authUser): bool
{
return $authUser->can('Create:Package');
}
public function update(AuthUser $authUser, Package $package): bool
{
return $authUser->can('Update:Package');
}
public function delete(AuthUser $authUser, Package $package): bool
{
return $authUser->can('Delete:Package');
}
public function restore(AuthUser $authUser, Package $package): bool
{
return $authUser->can('Restore:Package');
}
public function forceDelete(AuthUser $authUser, Package $package): bool
{
return $authUser->can('ForceDelete:Package');
}
public function forceDeleteAny(AuthUser $authUser): bool
{
return $authUser->can('ForceDeleteAny:Package');
}
public function restoreAny(AuthUser $authUser): bool
{
return $authUser->can('RestoreAny:Package');
}
public function replicate(AuthUser $authUser, Package $package): bool
{
return $authUser->can('Replicate:Package');
}
public function reorder(AuthUser $authUser): bool
{
return $authUser->can('Reorder:Package');
}
}

70
app/Policies/RolePolicy.php Normal file
View File

@@ -0,0 +1,70 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use Illuminate\Foundation\Auth\User as AuthUser;
use Spatie\Permission\Models\Role;
use Illuminate\Auth\Access\HandlesAuthorization;
class RolePolicy
{
use HandlesAuthorization;
public function viewAny(AuthUser $authUser): bool
{
return $authUser->can('ViewAny:Role');
}
public function view(AuthUser $authUser, Role $role): bool
{
return $authUser->can('View:Role');
}
public function create(AuthUser $authUser): bool
{
return $authUser->can('Create:Role');
}
public function update(AuthUser $authUser, Role $role): bool
{
return $authUser->can('Update:Role');
}
public function delete(AuthUser $authUser, Role $role): bool
{
return $authUser->can('Delete:Role');
}
public function restore(AuthUser $authUser, Role $role): bool
{
return $authUser->can('Restore:Role');
}
public function forceDelete(AuthUser $authUser, Role $role): bool
{
return $authUser->can('ForceDelete:Role');
}
public function forceDeleteAny(AuthUser $authUser): bool
{
return $authUser->can('ForceDeleteAny:Role');
}
public function restoreAny(AuthUser $authUser): bool
{
return $authUser->can('RestoreAny:Role');
}
public function replicate(AuthUser $authUser, Role $role): bool
{
return $authUser->can('Replicate:Role');
}
public function reorder(AuthUser $authUser): bool
{
return $authUser->can('Reorder:Role');
}
}

70
app/Policies/ServicePolicy.php Normal file
View File

@@ -0,0 +1,70 @@
<?php
declare(strict_types=1);
namespace App\Policies;
use Illuminate\Foundation\Auth\User as AuthUser;
use App\Models\Service;
use Illuminate\Auth\Access\HandlesAuthorization;
class ServicePolicy
{
use HandlesAuthorization;
public function viewAny(AuthUser $authUser): bool
{
return $authUser->can('ViewAny:Service');
}
public function view(AuthUser $authUser, Service $service): bool
{
return $authUser->can('View:Service');
}
public function create(AuthUser $authUser): bool
{
return $authUser->can('Create:Service');
}
public function update(AuthUser $authUser, Service $service): bool
{
return $authUser->can('Update:Service');
}
public function delete(AuthUser $authUser, Service $service): bool
{
return $authUser->can('Delete:Service');
}
public function restore(AuthUser $authUser, Service $service): bool
{
return $authUser->can('Restore:Service');
}
public function forceDelete(AuthUser $authUser, Service $service): bool
{
return $authUser->can('ForceDelete:Service');
}
public function forceDeleteAny(AuthUser $authUser): bool
{
return $authUser->can('ForceDeleteAny:Service');
}
public function restoreAny(AuthUser $authUser): bool
{
return $authUser->can('RestoreAny:Service');
}
public function replicate(AuthUser $authUser, Service $service): bool
{
return $authUser->can('Replicate:Service');
}
public function reorder(AuthUser $authUser): bool
{
return $authUser->can('Reorder:Service');
}
}

67
app/Policies/UserPolicy.php Normal file
View File

@@ -0,0 +1,67 @@
<?php
namespace App\Policies;
use Illuminate\Foundation\Auth\User as AuthUser;
use Illuminate\Auth\Access\HandlesAuthorization;
class UserPolicy
{
use HandlesAuthorization;
public function viewAny(AuthUser $authUser): bool
{
return $authUser->can('ViewAny:User');
}
public function view(AuthUser $authUser): bool
{
return $authUser->can('View:User');
}
public function create(AuthUser $authUser): bool
{
return $authUser->can('Create:User');
}
public function update(AuthUser $authUser): bool
{
return $authUser->can('Update:User');
}
public function delete(AuthUser $authUser): bool
{
return $authUser->can('Delete:User');
}
public function restore(AuthUser $authUser): bool
{
return $authUser->can('Restore:User');
}
public function forceDelete(AuthUser $authUser): bool
{
return $authUser->can('ForceDelete:User');
}
public function forceDeleteAny(AuthUser $authUser): bool
{
return $authUser->can('ForceDeleteAny:User');
}
public function restoreAny(AuthUser $authUser): bool
{
return $authUser->can('RestoreAny:User');
}
public function replicate(AuthUser $authUser): bool
{
return $authUser->can('Replicate:User');
}
public function reorder(AuthUser $authUser): bool
{
return $authUser->can('Reorder:User');
}
}

5
app/Providers/Filament/AdminPanelProvider.php
View File

@@ -3,6 +3,7 @@
namespace App\Providers\Filament; namespace App\Providers\Filament;
use Andreia\FilamentNordTheme\FilamentNordThemePlugin; use Andreia\FilamentNordTheme\FilamentNordThemePlugin;
use BezhanSalleh\FilamentShield\FilamentShieldPlugin;
use App\Filament\Resources\Members\Widgets\MemberCount; use App\Filament\Resources\Members\Widgets\MemberCount;
use App\Filament\Resources\Memberships\Widgets\MembershipsChart; use App\Filament\Resources\Memberships\Widgets\MembershipsChart;
use Filament\Http\Middleware\Authenticate; use Filament\Http\Middleware\Authenticate;
@@ -58,6 +59,10 @@ class AdminPanelProvider extends PanelProvider
DisableBladeIconComponents::class, DisableBladeIconComponents::class,
DispatchServingFilamentEvent::class, DispatchServingFilamentEvent::class,
]) ])
->plugins([
FilamentShieldPlugin::make()
->navigationGroup('Gestion des accès'),
])
->authMiddleware([ ->authMiddleware([
Authenticate::class, Authenticate::class,
]); ]);

6
composer.json
View File

@@ -7,16 +7,16 @@
"license": "MIT", "license": "MIT",
"require": { "require": {
"php": "^8.3", "php": "^8.3",
"ext-soap": "*",
"andreia/filament-nord-theme": "^2.0", "andreia/filament-nord-theme": "^2.0",
"bezhansalleh/filament-shield": "^4.1",
"deployer/deployer": "^7.5", "deployer/deployer": "^7.5",
"filament/filament": "^4.0", "filament/filament": "^4.0",
"inertiajs/inertia-laravel": "^2.0", "inertiajs/inertia-laravel": "^2.0",
"laravel/fortify": "^1.31", "laravel/fortify": "^1.31",
"laravel/framework": "^12.0", "laravel/framework": "^12.0",
"laravel/tinker": "^2.10", "laravel/tinker": "^2.10",
"laravel/wayfinder": "^0.1.9", "laravel/wayfinder": "^0.1.9"
"spatie/laravel-permission": "^6.21",
"ext-soap": "*"
}, },
"require-dev": { "require-dev": {
"barryvdh/laravel-debugbar": "^3.16", "barryvdh/laravel-debugbar": "^3.16",

175
composer.lock generated
View File

@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically" "This file is @generated automatically"
], ],
"content-hash": "50a5201f8280ea528ba29182de369c22", "content-hash": "8fb1182155fa5b12912041b85f7214d7",
"packages": [ "packages": [
{ {
"name": "andreia/filament-nord-theme", "name": "andreia/filament-nord-theme",
@@ -207,6 +207,179 @@
}, },
"time": "2025-11-19T17:15:36+00:00" "time": "2025-11-19T17:15:36+00:00"
}, },
{
"name": "bezhansalleh/filament-plugin-essentials",
"version": "1.1.0",
"source": {
"type": "git",
"url": "https://github.com/bezhanSalleh/filament-plugin-essentials.git",
"reference": "3bfdb276a8993ccd5acd9d6b43fd4763cf221d3a"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/bezhanSalleh/filament-plugin-essentials/zipball/3bfdb276a8993ccd5acd9d6b43fd4763cf221d3a",
"reference": "3bfdb276a8993ccd5acd9d6b43fd4763cf221d3a",
"shasum": ""
},
"require": {
"filament/filament": "^4.0|^5.0",
"illuminate/contracts": "^11.28|^12.0",
"php": "^8.2",
"spatie/laravel-package-tools": "^1.9"
},
"require-dev": {
"larastan/larastan": "^2.9||^3.0",
"laravel/pint": "^1.14",
"nunomaduro/collision": "^8.1.1||^7.10.0",
"orchestra/testbench": "^10.0.0||^9.0.0",
"pestphp/pest": "^3.0",
"pestphp/pest-plugin-arch": "^3.0",
"pestphp/pest-plugin-laravel": "^3.0",
"pestphp/pest-plugin-type-coverage": "^3.5",
"phpstan/extension-installer": "^1.3||^2.0",
"phpstan/phpstan-deprecation-rules": "^1.1||^2.0",
"phpstan/phpstan-phpunit": "^1.3||^2.0",
"rector/rector": "^2.1",
"spatie/laravel-ray": "^1.40"
},
"type": "library",
"extra": {
"laravel": {
"providers": [
"BezhanSalleh\\PluginEssentials\\PluginEssentialsServiceProvider"
]
}
},
"autoload": {
"psr-4": {
"BezhanSalleh\\PluginEssentials\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Bezhan Salleh",
"email": "bezhan_salleh@yahoo.com",
"role": "Developer"
}
],
"description": "A collection of essential traits that streamline Filament plugin development by taking care of the boilerplate, so you can focus on shipping real features faster",
"homepage": "https://github.com/bezhansalleh/filament-plugin-essentials",
"keywords": [
"Bezhan Salleh",
"filament-plugin-essentials",
"laravel"
],
"support": {
"issues": "https://github.com/bezhanSalleh/filament-plugin-essentials/issues",
"source": "https://github.com/bezhanSalleh/filament-plugin-essentials/tree/1.1.0"
},
"funding": [
{
"url": "https://github.com/bezhanSalleh",
"type": "github"
}
],
"time": "2026-01-19T19:23:25+00:00"
},
{
"name": "bezhansalleh/filament-shield",
"version": "4.1.0",
"source": {
"type": "git",
"url": "https://github.com/bezhanSalleh/filament-shield.git",
"reference": "bb5ac95b3c10f801e4c54bb289be8c055968726a"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/bezhanSalleh/filament-shield/zipball/bb5ac95b3c10f801e4c54bb289be8c055968726a",
"reference": "bb5ac95b3c10f801e4c54bb289be8c055968726a",
"shasum": ""
},
"require": {
"bezhansalleh/filament-plugin-essentials": "^1.0",
"filament/filament": "^4.0|^5.0",
"illuminate/contracts": "^11.28|^12.0",
"illuminate/support": "^11.28|^12.0",
"php": "^8.2",
"spatie/laravel-package-tools": "^1.92",
"spatie/laravel-permission": "^6.0"
},
"require-dev": {
"larastan/larastan": "^3.8",
"laravel/pint": "^1.26",
"nunomaduro/collision": "^8.8",
"orchestra/testbench": "^10.8",
"pestphp/pest": "^3.8|^4.0",
"pestphp/pest-plugin-laravel": "^3.2|^4.0",
"pestphp/pest-plugin-livewire": "^3.0|^4.0",
"pestphp/pest-plugin-type-coverage": "^3.6|^4.0",
"phpstan/extension-installer": "^1.4",
"phpstan/phpstan": "^2.1",
"phpstan/phpstan-deprecation-rules": "^2.0",
"phpstan/phpstan-phpunit": "^2.0",
"phpunit/phpunit": "^11.5",
"rector/jack": "^0.4.0",
"rector/rector": "^2.2",
"spatie/laravel-ray": "^1.43"
},
"type": "library",
"extra": {
"laravel": {
"aliases": {
"FilamentShield": "BezhanSalleh\\FilamentShield\\Facades\\FilamentShield"
},
"providers": [
"BezhanSalleh\\FilamentShield\\FilamentShieldServiceProvider"
]
}
},
"autoload": {
"psr-4": {
"BezhanSalleh\\FilamentShield\\": "src",
"BezhanSalleh\\FilamentShield\\Database\\Factories\\": "database/factories"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Bezhan Salleh",
"email": "bezhan_salleh@yahoo.com",
"role": "Developer"
}
],
"description": "Filament support for `spatie/laravel-permission`.",
"homepage": "https://github.com/bezhansalleh/filament-shield",
"keywords": [
"acl",
"bezhanSalleh",
"filament",
"filament-shield",
"laravel",
"permission",
"permissions",
"rbac",
"roles",
"security"
],
"support": {
"issues": "https://github.com/bezhanSalleh/filament-shield/issues",
"source": "https://github.com/bezhanSalleh/filament-shield/tree/4.1.0"
},
"funding": [
{
"url": "https://github.com/bezhanSalleh",
"type": "github"
}
],
"time": "2026-01-19T19:28:46+00:00"
},
{ {
"name": "blade-ui-kit/blade-heroicons", "name": "blade-ui-kit/blade-heroicons",
"version": "2.6.0", "version": "2.6.0",

263
config/filament-shield.php Normal file
View File

@@ -0,0 +1,263 @@
<?php
declare(strict_types=1);
return [
/*
|--------------------------------------------------------------------------
| Shield Resource
|--------------------------------------------------------------------------
|
| Here you may configure the built-in role management resource. You can
| customize the URL, choose whether to show model paths, group it under
| a cluster, and decide which permission tabs to display.
|
*/
'shield_resource' => [
'slug' => 'shield/roles',
'show_model_path' => true,
'cluster' => null,
'tabs' => [
'pages' => true,
'widgets' => true,
'resources' => true,
'custom_permissions' => false,
],
],
/*
|--------------------------------------------------------------------------
| Multi-Tenancy
|--------------------------------------------------------------------------
|
| When your application supports teams, Shield will automatically detect
| and configure the tenant model during setup. This enables tenant-scoped
| roles and permissions throughout your application.
|
*/
'tenant_model' => null,
/*
|--------------------------------------------------------------------------
| User Model
|--------------------------------------------------------------------------
|
| This value contains the class name of your user model. This model will
| be used for role assignments and must implement the HasRoles trait
| provided by the Spatie\Permission package.
|
*/
'auth_provider_model' => 'App\\Models\\User',
/*
|--------------------------------------------------------------------------
| Super Admin
|--------------------------------------------------------------------------
|
| Here you may define a super admin that has unrestricted access to your
| application. You can choose to implement this via Laravel's gate system
| or as a traditional role with all permissions explicitly assigned.
|
*/
'super_admin' => [
'enabled' => true,
'name' => 'super_admin',
'define_via_gate' => false,
'intercept_gate' => 'before',
],
/*
|--------------------------------------------------------------------------
| Panel User
|--------------------------------------------------------------------------
|
| When enabled, Shield will create a basic panel user role that can be
| assigned to users who should have access to your Filament panels but
| don't need any specific permissions beyond basic authentication.
|
*/
'panel_user' => [
'enabled' => true,
'name' => 'panel_user',
],
/*
|--------------------------------------------------------------------------
| Permission Builder
|--------------------------------------------------------------------------
|
| You can customize how permission keys are generated to match your
| preferred naming convention and organizational standards. Shield uses
| these settings when creating permission names from your resources.
|
| Supported formats: snake, kebab, pascal, camel, upper_snake, lower_snake
|
*/
'permissions' => [
'separator' => ':',
'case' => 'pascal',
'generate' => true,
],
/*
|--------------------------------------------------------------------------
| Policies
|--------------------------------------------------------------------------
|
| Shield can automatically generate Laravel policies for your resources.
| When merge is enabled, the methods below will be combined with any
| resource-specific methods you define in the resources section.
|
*/
'policies' => [
'path' => app_path('Policies'),
'merge' => true,
'generate' => true,
'methods' => [
'viewAny', 'view', 'create', 'update', 'delete', 'restore',
'forceDelete', 'forceDeleteAny', 'restoreAny', 'replicate', 'reorder',
],
'single_parameter_methods' => [
'viewAny',
'create',
'deleteAny',
'forceDeleteAny',
'restoreAny',
'reorder',
],
],
/*
|--------------------------------------------------------------------------
| Localization
|--------------------------------------------------------------------------
|
| Shield supports multiple languages out of the box. When enabled, you
| can provide translated labels for permissions to create a more
| localized experience for your international users.
|
*/
'localization' => [
'enabled' => false,
'key' => 'filament-shield::filament-shield.resource_permission_prefixes_labels',
],
/*
|--------------------------------------------------------------------------
| Resources
|--------------------------------------------------------------------------
|
| Here you can fine-tune permissions for specific Filament resources.
| Use the 'manage' array to override the default policy methods for
| individual resources, giving you granular control over permissions.
|
*/
'resources' => [
'subject' => 'model',
'manage' => [
\BezhanSalleh\FilamentShield\Resources\Roles\RoleResource::class => [
'viewAny',
'view',
'create',
'update',
'delete',
],
],
'exclude' => [
//
],
],
/*
|--------------------------------------------------------------------------
| Pages
|--------------------------------------------------------------------------
|
| Most Filament pages only require view permissions. Pages listed in the
| exclude array will be skipped during permission generation and won't
| appear in your role management interface.
|
*/
'pages' => [
'subject' => 'class',
'prefix' => 'view',
'exclude' => [
\Filament\Pages\Dashboard::class,
],
],
/*
|--------------------------------------------------------------------------
| Widgets
|--------------------------------------------------------------------------
|
| Like pages, widgets typically only need view permissions. Add widgets
| to the exclude array if you don't want them to appear in your role
| management interface.
|
*/
'widgets' => [
'subject' => 'class',
'prefix' => 'view',
'exclude' => [
\Filament\Widgets\AccountWidget::class,
\Filament\Widgets\FilamentInfoWidget::class,
],
],
/*
|--------------------------------------------------------------------------
| Custom Permissions
|--------------------------------------------------------------------------
|
| Sometimes you need permissions that don't map to resources, pages, or
| widgets. Define any custom permissions here and they'll be available
| when editing roles in your application.
|
*/
'custom_permissions' => [],
/*
|--------------------------------------------------------------------------
| Entity Discovery
|--------------------------------------------------------------------------
|
| By default, Shield only looks for entities in your default Filament
| panel. Enable these options if you're using multiple panels and want
| Shield to discover entities across all of them.
|
*/
'discovery' => [
'discover_all_resources' => false,
'discover_all_widgets' => false,
'discover_all_pages' => false,
],
/*
|--------------------------------------------------------------------------
| Role Policy
|--------------------------------------------------------------------------
|
| Shield can automatically register a policy for role management itself.
| This lets you control who can manage roles using Laravel's built-in
| authorization system. Requires a RolePolicy class in your app.
|
*/
'register_role_policy' => true,
];

8
database/migrations/2025_09_29_092703_create_permission_tables.php
View File

@@ -17,8 +17,8 @@ return new class extends Migration
$pivotRole = $columnNames['role_pivot_key'] ?? 'role_id'; $pivotRole = $columnNames['role_pivot_key'] ?? 'role_id';
$pivotPermission = $columnNames['permission_pivot_key'] ?? 'permission_id'; $pivotPermission = $columnNames['permission_pivot_key'] ?? 'permission_id';
throw_if(empty($tableNames), new Exception('Error: config/permission.php not loaded. Run [php artisan config:clear] and try again.')); throw_if(empty($tableNames), Exception::class, 'Error: config/permission.php not loaded. Run [php artisan config:clear] and try again.');
throw_if($teams && empty($columnNames['team_foreign_key'] ?? null), new Exception('Error: team_foreign_key on config/permission.php not loaded. Run [php artisan config:clear] and try again.')); throw_if($teams && empty($columnNames['team_foreign_key'] ?? null), Exception::class, 'Error: team_foreign_key on config/permission.php not loaded. Run [php artisan config:clear] and try again.');
Schema::create($tableNames['permissions'], static function (Blueprint $table) { Schema::create($tableNames['permissions'], static function (Blueprint $table) {
// $table->engine('InnoDB'); // $table->engine('InnoDB');
@@ -123,9 +123,7 @@ return new class extends Migration
{ {
$tableNames = config('permission.table_names'); $tableNames = config('permission.table_names');
if (empty($tableNames)) { throw_if(empty($tableNames), Exception::class, 'Error: config/permission.php not found and defaults could not be merged. Please publish the package configuration before proceeding, or drop the tables manually.');
throw new \Exception('Error: config/permission.php not found and defaults could not be merged. Please publish the package configuration before proceeding, or drop the tables manually.');
}
Schema::drop($tableNames['role_has_permissions']); Schema::drop($tableNames['role_has_permissions']);
Schema::drop($tableNames['model_has_roles']); Schema::drop($tableNames['model_has_roles']);

22
lang/en/filament-shield.resource_permission_prefixes_labels.php Normal file
View File

@@ -0,0 +1,22 @@
<?php
/**
* Shield Permission Labels
*
* Translate the values below to localize permission labels in your application.
*/
return [
'create' => 'Create',
'delete' => 'Delete',
'force_delete' => 'Force Delete',
'force_delete_any' => 'Force Delete Any',
'reorder' => 'Reorder',
'replicate' => 'Replicate',
'restore' => 'Restore',
'restore_any' => 'Restore Any',
'update' => 'Update',
'view' => 'View',
'view_any' => 'View Any',
'view_member_count' => 'Member Count',
];

22
lang/fr/filament-shield.resource_permission_prefixes_labels.php Normal file
View File

@@ -0,0 +1,22 @@
<?php
/**
* Shield Permission Labels
*
* Translate the values below to localize permission labels in your application.
*/
return [
'create' => 'Créer',
'delete' => 'Supprimer',
'force_delete' => 'Forcer la suppression',
'force_delete_any' => 'Forcer la suppression de tout',
'reorder' => 'Réordonner',
'replicate' => 'Répliquer',
'restore' => 'Restaurer',
'restore_any' => 'Restaurer tout',
'update' => 'Mettre à jour',
'view' => 'Voir',
'view_any' => 'Voir tout',
'view_member_count' => 'Member Count',
];

2
lang/fr/users.php
View File

@@ -7,7 +7,7 @@ return [
'name' => 'Nom', 'name' => 'Nom',
'email' => 'Email', 'email' => 'Email',
'email_verified_at' => 'Email vérifié le', 'email_verified_at' => 'Email vérifié le',
'password' => 'Mot de passe', 'password' => 'Mot de passe (si changement)',
'role' => 'Rôle' 'role' => 'Rôle'
] ]
]; ];