althinect / filament-spatie-roles-permissions Goto Github PK

After upgrading from filament 2 to filament 3 Roles and Permissions resources do not show anymore in the Panel.
Is there anything I have to check? Any new way those resources are hooked to User? Never knew how those resources appeared automagically in the navigation menu, anyway...

          Maybe you have to add it to the config file

Originally posted by @tharindarodrigo in #107 (comment)

A Policy, in my opinion, is essential for a Role model. After entering the admin panel, the user may now create a role. Assume that a user's only rights are to create and edit users. However, he can create a new role with all permissions by accessing the role through the URL and getting access to the full application.

In filament when editing the permissions resource, the roles select is not populating with available roles. viewing the code in PermissionResource.php on line 85:

return $query->where(config('permission.column_names.team_foreign_key'), Filament::getTenant());

I believe should have the tenant ID in the where statement, so should be:

return $query->where(config('permission.column_names.team_foreign_key'), Filament::getTenant()->id);

Have tested with id and works.

how can i use $user->can('super user')
to control navigation show or hide by some one user

When i use this command php artisan permissions:sync All permissions are duplicated

SQLSTATE[HY000]: General error: 1364 Field 'team_id' doesn't have a default value

INSERT INTO
  `model_has_roles` (`model_id`, `model_type`, `role_id`)
VALUES
  (1, App \ Models \ USER, 1)``

Please advise what I would do for this case.

Hello 👋🏼,

Nice package!

I am not entirely sure why this is happening now specifically as I've had the abstract class for a little while. But the package seems to attempt to instantiate non-concrete classes.

https://github.com/Althinect/filament-spatie-roles-permissions/blame/4734c9a1cd93c31ed1fa75499880e8f21b708465/src/Commands/Permission.php#L176

          Are you using tenancy in Filament?

Originally posted by @tharindarodrigo in #106 (comment)

I am using tenancy in Filament , and when I use hasRoles in User model I get the same error when i try to assign a Role to a User. Is there any trick?

Hello, is there a way to restrict access to roles and permissions tables and views based on policies or middleware?

Thank you in advance.

Hi,
i have a problem with tenants.

The model [Spatie\Permission\Models\Role] does not have a relationship named [team]. You can change the relationship being used by passing it to the [ownershipRelationship] argument of the [tenant()] method in configuration. You can change the relationship being used per-resource by setting it as the [$tenantOwnershipRelationshipName] static property on the [Althinect\FilamentSpatieRolesPermissions\Resources\RoleResource] resource class.

Can you give me an solution for this problem ?

Thank's !

Hi, i've checked on the published config file for role and permission and under the should_register_on_navigation array you can set true or false, but I need to check if the user is admin it should be true else false, how can I do in this way?

if use EN，is't OK!
but, when i use other language，unable to express well！

the current version has Card::make() in form methods which is now deprecated please replace it with Section::make()

to

Due to the usage of a closure in the generator config of this package config, caching with php artisan cache is not possible anymore.

Is it possible to generate policies in a directory inside policies directory

How can permissions / roles be shown only to the super admin,

this below image can any user level see it

I have a problem that I assume must be very silly because I don't see how can it work without this.

I have 'should_register_on_navigation' set to true for both 'permisions' and 'roles' but... that makes roles and permitions apper to all users, not only super-admin!
Mu NavigationMenuMiddleware is heavily twiked depending on user's hasRole, but as far as I see it something is wrong because those two options appear regardless of what I tell the menu to be.

class NavigationMenuMiddleware
{
public function handle(Request $request, Closure $next): Response
{
...

if (auth()->user()->hasRole("sat")) {

        Filament::navigation(function (NavigationBuilder $builder): NavigationBuilder {
           // echo "hola".Request::getPathInfo();
            return $builder->items([
                NavigationItem::make('Rmas')
                    ->label('Solicitudes')
                    ->icon('heroicon-o-home')
                    ->activeIcon('heroicon-s-home')
                    ->isActiveWhen(fn (): bool => request()->routeIs('filament.app.resources.rmas.index'))
                    ->url(route('filament.app.resources.rmas.index'))
                    ,
                    NavigationItem::make('Artículos')
                        ->url('/reparaciones/articles', shouldOpenInNewTab: false)
                        ->isActiveWhen(fn (): bool => request()->routeIs('filament.pages.articles'))
                        ->icon('heroicon-o-gift')
                        ->activeIcon('heroicon-s-gift')
                        ->sort(3)
            ]);;
        });

...
}
}

How is it that permisions and roles keep appearing in the menu? How can I tell the plugin what roles to show itself and what roles not.

When creating a new role or permission, if you leave empty all fields (including name), it tries to create it without name which fails: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'name' cannot be null
One ->required() on the forms for both the permissions and roles will fix this issue.

Got issue on deleting permision record.
Debugger does not give any good information.
Just this error:
Class name must be a valid object or a string

Could you add this to your documentation for the tenant section?

Forms\Components\Select::make('roles')
            ->relationship(name: 'roles', titleAttribute: 'name')
            ->saveRelationshipsUsing(function (Model $record, $state) {
                 $record->roles()->syncWithPivotValues($state, [config('permission.column_names.team_foreign_key') => getPermissionsTeamId()]);
            })
           ->multiple()
           ->preload()
           ->searchable(),

how to display menu role and permission only for super admin

Every Thing Works Fine With 'web' guard but 'api' guard gives error that "Class name must be a valid object or a string". Please help Me fast if u can.

In Multi-tenancy mode, when i try to attach a global role to user, i got this error message:

SQLSTATE[HY000]: General error: 1364 Field 'team_id' doesn't have a default value
INSERT INTO model_has_roles (model_id, model_type, role_id) VALUES (1, App\Models\USER, 5)

In your plugin page you say...

#Role and Permission Policies

Create a RolePolicy and PermissionPolicy if you wish to control the visibility of the resources on the navigation menu. Make sure to add them to the AuthServiceProvider.

Could you explain a little bit more... I am really confused by how those policies work.

I understand we must do

php artisan make:policy PermissionPolicy --model=Permission
php artisan make:policy RolePolicy --model=Role

and edit

class AuthServiceProvider extends ServiceProvider
{
/**
* The model to policy mappings for the application.
*
* @var array<class-string, class-string>
*/
protected $policies = [
// 'App\Models\Model' => 'App\Policies\ModelPolicy',
'App\Models\Role' => 'App\Policies\RolePolicy',
'App\Models\Permission' => 'App\Policies\PermissionPolicy',

];

to add those policies... but...
it does not seem to work.
It would be great to have some clarification on how do the policies end applied.

i tried created user and product resource
and created 2 roles super admin and operator

i tested operator roles assigment to view user and create user

but operator still can access product,roles,permission

thx u

Hi, I have just installed your library, and when I attempt to run the policies command

php artisan permissions:sync -C|--policies

I get the following error --policies: command not found

Thanks

Hey there,
There have been 13 commits to the main branch since the first release. Would you please tag a new release?

Hi,
I have just tried the package. All the earlier listed resources in the panel are not visible any more to me.
Only Roles and Permissions are listed.
I have not created SuperAdmin role yet and assigned to user. Is it mandatory ?
I was using a admin role and was validating to access filament admin panel from User model, with canAccessFilament method.

Can you provide some more details, what I need to do to bring it back.

Thanks

I'm following this upgrade guide for Filament 3: https://filamentphp.com/docs/3.x/panels/upgrade-guide

But on composer update I get

Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - althinect/filament-spatie-roles-permissions[v1.0.0, ..., v1.3.7] require filament/filament ^2.0|^2.1 -> found filament/filament[v2.5.3, ..., v2.17.53] but it conflicts with your root composer.json require (^3.0-stable).

Are their plans to adapt this plugin to filament 3?

SQLSTATE[42S22]: Column not found: 1054 Unknown column 'roles' in 'field list'

after creating roles and permission model

but it wont work after deleting that models

I think adding a filter for guard name makes it easier to filter the permissions available

Is there a config option to hide the guard input in the forms when there is only the default web guard installed?

In the Permission table when using multi tenant there is no team_id

It seems to be less team_id

Code before

    Schema::create($tableNames['permissions'], function (Blueprint $table) {
        $table->bigIncrements('id'); // permission id
        $table->string('name');       // For MySQL 8.0 use string('name', 125);
        $table->string('guard_name'); // For MySQL 8.0 use string('guard_name', 125);
        $table->timestamps();

        $table->unique(['name', 'guard_name']);
    });

After Code

    Schema::create($tableNames['permissions'], function (Blueprint $table) use ($teams, $columnNames) {
        $table->bigIncrements('id'); // permission id
        if ($teams || config('permission.testing')) { // permission.testing is a fix for sqlite testing
            $table->unsignedBigInteger($columnNames['team_foreign_key'])->nullable();
            $table->index($columnNames['team_foreign_key'], 'permissions_team_foreign_key_index');
        }
        $table->string('name');       // For MySQL 8.0 use string('name', 125);
        $table->string('guard_name'); // For MySQL 8.0 use string('guard_name', 125);
        $table->timestamps();

        if ($teams || config('permission.testing')) {
            $table->unique([$columnNames['team_foreign_key'], 'name', 'guard_name']);
        } else {
            $table->unique(['name', 'guard_name']);
        }
    });

How to add permissions to the permission menu ？ ’discover_models_through_filament_resources‘ field in config file, but not take effect

When creating a new role, it clears the cache; after deleting a role, it clears the cache as well. However, it does not clear the cache when making permission updates within a role.

->actions([
    Tables\Actions\DeleteAction::make(),
    Tables\Actions\EditAction::make(),
    Tables\Actions\DetachAction::make()->after(function (){
        app(PermissionRegistrar::class)->forgetCachedPermissions();
    })
])

Adding such a table action within the PermissionRelationManager class resolves the issue, but there needs to be an update on the package side.

The selection of roles and permissions in multi-tenants still shows all roles and permissions from other tenants that should only belong to that tenant

Is it really like that?

How chan I hide the group menu for roles and permission for group of roles?
I.E. if admin is logged, the roles and permissions menù should be shown, else none.

The roles and right get assign to the menu of filament. In my system i got admins and moderators, how to i hide this extension for the moderators. I extended the spatie models and try to create the policies but i doesnot hide on the filament menu? I dont want that moderators can assign themself permissions.

Hello!
Great package, I really appreciate it. Unfortunately I'm having troubles with policies: everything works fine for my models, but I can't find a way to apply them to the Role and Permission resources themselves.

Accprding to the documentation:
"Create a RolePolicy and PermissionPolicy if you wish to control the visibility of the resources on the navigation menu. Make sure to add them to the AuthServiceProvider."

That's exactly what I did, defining Gates in the boot method of the AuthServiceProvider, but both Roles and Permissions resources ignore those policies, so every user of my application can just edit roles and permissions. What am I doing wrong?

Thank you in advance and kudos for your great work!

Hi mate, so I just did a fresh install of Laravel and FilamentPHP for a new project, and I'm instantly running into these errors

  Problem 1
    - althinect/filament-spatie-roles-permissions[dev-main, v1.0.0, ..., 1.x-dev] require filament/filament ^2.0|^2.1 -> found filament/filament[v2.0.0-beta1, ..., 2.x-dev] but it conflicts with your root composer.json require (^3.0-stable).
    - althinect/filament-spatie-roles-permissions[dev-feature/togglable-guard-names, dev-feature/tenancy-bug-fixes, dev-dev/null-fix, v1.3.4, ..., v1.3.9, v2.0, ..., 2.x-dev] require spatie/laravel-permission ^5.4 -> found spatie/laravel-permission[5.4.0, ..., v5.x-dev] but it conflicts with your root composer.json require (^6.0).
    - Root composer.json requires althinect/filament-spatie-roles-permissions * -> satisfiable by althinect/filament-spatie-roles-permissions[dev-feature/togglable-guard-names, dev-feature/tenancy-bug-fixes, dev-main, dev-dev/null-fix, v1.0.0, ..., 1.x-dev, v2.0, ..., 2.x-dev].

Error Editing or Viewing a Role or Permission where guard_name='api'

Error text:
Class name must be a valid object or a string

But where guard_name=web, all right
or
UserRelationManager in RoleResource or PermissionResource when comment, all right

If it is please tag a release

Althinect\FilamentSpatieRolesPermissions\Resources\RoleResource\RelationManager\UserRelationManager;

TextInput::make(config('filament-spatie-roles-permissions.user_name_column'))

Should Be

TextInput::make(config('filament-spatie-roles-permissions.generator.user_name_column'))

Hello,
Here is the FR translation :)
Thank you !

`<?php

return [
/*
|--------------------------------------------------------------------------
| Fields
|--------------------------------------------------------------------------
*/

'field.guard_name' => 'Intitulé du Garde',
'field.permissions_count' => 'Permissions',
'field.name' => 'Intitulé',
'field.permissions' => 'Permissions',
'field.roles' => 'Rôles',
'field.role' => 'Rôle',
'field.team' => 'Équipe',

/*
|--------------------------------------------------------------------------
| Labels
|--------------------------------------------------------------------------
*/

'section.permission' => 'Permission',
'section.permissions' => 'Permissions',
'section.role' => 'Rôle',
'section.roles' => 'Rôles',
'section.roles_and_permissions' => 'Rôles et Permissions',
'select-team' => 'Sélectionnez une Équipe',
'select-team-hint' => 'Laissez vide pour un rôle global',
'section.users' => 'Utilisateurs',

];
`

Hi, is there any way to disable the navigation icons for Roles and Permissions? because i wanted to create navigation group with icon that will include Roles and Permissions inside. Since Filament doesn't support multiple icons for Navigation Groups and Items, i'm unable to do that.

If there's any solution, it would be much appreciated. Thanks!

Althinect\FilamentSpatieRolesPermissions\Resources\RoleResource\RelationManager\UserRelationManager;

public function table(Table $table): Table
    {
        return $table
            // Support changing table heading by translations.
            ->heading(__('filament-spatie-roles-permissions::filament-spatie.section.users'))
            ->columns([
                TextInput::make(config('filament-spatie-roles-permissions.generator.user_name_column'))
                    ->searchable()
                    ->label(__('filament-spatie-roles-permissions::filament-spatie.field.name')),
            ])

Should Be

public function table(Table $table): Table
    {
        return $table
            // Support changing table heading by translations.
            ->heading(__('filament-spatie-roles-permissions::filament-spatie.section.users'))
            ->columns([
                TextColumn::make(config('filament-spatie-roles-permissions.generator.user_name_column'))
                    ->searchable()
                    ->label(__('filament-spatie-roles-permissions::filament-spatie.field.name')),
            ])