README

Multi-panel aware ultra-fine-grained permissions for Laravel Filament to analyze, generate and inject into all classes and methods in the application.

What this package does

• Generate list of almost all Filament component permissions
• Automatically redefine classes to avoid conflict

Why I need this package

• You have too many classes and methods to define permissions one by one
• Default Filament authorization doesn't support multi-panel

What this package doesn't do

• It doesn't provide complete solution for authorization
• It's not meant for custom defined permissions, you need to define it yourself

Installation

You can install the package via composer:

composer require beranidigital/filament-access

You can publish the config file with:

php artisan vendor:publish --tag="filament-access-config"

Usage

\BeraniDigitalID\FilamentAccess\Facades\FilamentAccess::analyzeAll();

or

php artisan filament-access:generate
php artisan filament-access:hijack

How it works

1. It hooks into a class to correct the permission
2. The class will call Gate::authorize('viewAny', $correctArgument) with an example of App\Filament\Resources\MyResource as the argument
3. It's up to you to authorize it with your own custom logic

\Illuminate\Support\Facades\Gate::before(function ($user, $ability, $arguments) {
    $permission = \BeraniDigitalID\FilamentAccess\Facades\FilamentAccess::determinePermissionName($ability, $arguments);
    if (!$user->hasPermissionTo($permission)) {
        return false;
    }
    // continue to the next authorization logic
});

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security Vulnerabilities

Please review our security policy on how to report security vulnerabilities.

Credits

• Yusuf Sekhan Althaf
• All Contributors

License

The MIT License (MIT). Please see License File for more information.