diff --git a/app/Filament/Pages/AboutPageSettings.php b/app/Filament/Pages/AboutPageSettings.php
index f542029..32a633f 100644
--- a/app/Filament/Pages/AboutPageSettings.php
+++ b/app/Filament/Pages/AboutPageSettings.php
@@ -3,6 +3,7 @@
 namespace App\Filament\Pages;
 use App\Settings\AboutSettings;
+use App\Models\UserRole;
 use Filament\Forms\Components\FileUpload;
 use Filament\Forms\Components\Grid;
 use Filament\Forms\Components\Repeater;
@@ -245,4 +246,9 @@ class AboutPageSettings extends SettingsPage
 {
 return 'Manage the content sections of the About Us page.';
 }
+
+ public static function canView(): bool
+ {
+ return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
+ }
 }
\ No newline at end of file
diff --git a/app/Filament/Pages/ContactPageSettings.php b/app/Filament/Pages/ContactPageSettings.php
index 04e0130..6110e91 100644
--- a/app/Filament/Pages/ContactPageSettings.php
+++ b/app/Filament/Pages/ContactPageSettings.php
@@ -3,6 +3,7 @@
 namespace App\Filament\Pages;
 use App\Settings\ContactSettings;
+use App\Models\UserRole;
 use Filament\Forms\Components\Section;
 use Filament\Forms\Components\Textarea;
 use Filament\Forms\Components\TextInput;
@@ -84,4 +85,9 @@ class ContactPageSettings extends SettingsPage
 {
 return 'Manage the contact form details, contact information, and map embed.';
 }
+
+ public static function canView(): bool
+ {
+ return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
+ }
 }
diff --git a/app/Filament/Pages/HomePageSettings.php b/app/Filament/Pages/HomePageSettings.php
index 7dfe4a5..6087c49 100644
--- a/app/Filament/Pages/HomePageSettings.php
+++ b/app/Filament/Pages/HomePageSettings.php
@@ -3,6 +3,7 @@
 namespace App\Filament\Pages;
 use App\Settings\HomeSettings;
+use App\Models\UserRole;
 use Filament\Forms\Components\FileUpload;
 use Filament\Forms\Components\Grid;
 use Filament\Forms\Components\Repeater;
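Review bot: `canView()` as added to AboutPageSettings (and identically to ContactPageSettings, HomePageSettings, ManageSite and ManageSiteSocialSettings) may never be called: as far as I know Filament 3 authorizes pages through `canAccess()`, while `canView()` is the hook widgets use. If that holds for the installed version, a NEWS_WRITER can still open and save these settings pages by URL, and the navigation entries stay visible. I would rename the method to `public static function canAccess(): bool` in all five classes and confirm with a request made as a non-admin account. The class bodies start outside the hunks, so an existing `canAccess()` or `mount()` check cannot be ruled out from here.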
@@ -292,4 +293,9 @@ class HomePageSettings extends SettingsPage
 {
 return 'Manage the homepage hero section, background video, and call-to-action content.';
 }
+
+ public static function canView(): bool
+ {
+ return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
+ }
 }
diff --git a/app/Filament/Pages/ManageSite.php b/app/Filament/Pages/ManageSite.php
index e74bbd9..b79247c 100644
--- a/app/Filament/Pages/ManageSite.php
+++ b/app/Filament/Pages/ManageSite.php
@@ -3,6 +3,7 @@
 namespace App\Filament\Pages;
 use App\Settings\SiteSettings;
+use App\Models\UserRole;
 use Filament\Forms;
 use Filament\Forms\Form;
 use Filament\Pages\SettingsPage;
@@ -168,4 +169,9 @@ class ManageSite extends SettingsPage
 {
 return 'Manage your website\'s general configuration';
 }
+
+ public static function canView(): bool
+ {
+ return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
+ }
 }
diff --git a/app/Filament/Pages/ManageSiteSocialSettings.php b/app/Filament/Pages/ManageSiteSocialSettings.php
index c3e3c1f..1fe5054 100644
--- a/app/Filament/Pages/ManageSiteSocialSettings.php
+++ b/app/Filament/Pages/ManageSiteSocialSettings.php
@@ -3,6 +3,7 @@
 namespace App\Filament\Pages;
 use App\Settings\SiteSocialSettings;
+use App\Models\UserRole;
 use Filament\Forms;
 use Filament\Forms\Form;
 use Filament\Pages\SettingsPage;
@@ -77,4 +78,9 @@ class ManageSiteSocialSettings extends SettingsPage
 {
 return 'Manage your social media profiles and sharing options';
 }
+
+ public static function canView(): bool
+ {
+ return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
+ }
 }
diff --git a/app/Filament/Resources/ApplicationResource.php b/app/Filament/Resources/ApplicationResource.php
index a63caf2..fa4d764 100644
--- a/app/Filament/Resources/ApplicationResource.php
+++ b/app/Filament/Resources/ApplicationResource.php
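Review bot: The role check added to HomePageSettings dereferences `auth()->user()` twice with no null guard, and the same expression is pasted into twelve classes in this commit. A call made with no authenticated user raises an error instead of returning false, and any later change to the role model has to be repeated in every copy, which is how one class ends up enforcing a stale rule. Defining one more ability next to the others in `PanelPanelProvider::boot()` and returning `auth()->user()?->can('<ability-name>') ?? false` from each class would keep the rule in one place.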
@@ -5,6 +5,7 @@ namespace App\Filament\Resources;
 use App\Filament\Resources\ApplicationResource\Pages;
 use App\Models\Application;
 use App\Models\Career;
+use App\Models\UserRole;
 use Filament\Forms;
 use Filament\Forms\Form;
 use Filament\Resources\Resource;
@@ -104,4 +105,9 @@ class ApplicationResource extends Resource
 'edit' => Pages\EditApplication::route('/{record}/edit'),
 ];
 }
+
+ public static function canViewAny(): bool
+ {
+ return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
+ }
 }
diff --git a/app/Filament/Resources/AuthorResource.php b/app/Filament/Resources/AuthorResource.php
index 4b5aa0f..7b4bea4 100644
--- a/app/Filament/Resources/AuthorResource.php
+++ b/app/Filament/Resources/AuthorResource.php
@@ -13,6 +13,7 @@ use Filament\Resources\Resource;
 use Filament\Tables;
 use Filament\Tables\Columns\ImageColumn;
 use Filament\Tables\Table;
+use Illuminate\Database\Eloquent\Builder;
 class AuthorResource extends Resource
 {
@@ -91,4 +92,34 @@ class AuthorResource extends Resource
 'edit' => Pages\EditAuthor::route('/{record}/edit'),
 ];
 }
+
+ public static function canViewAny(): bool
+ {
+ return auth()->user()->can('view-authors');
+ }
+
+ public static function canCreate(): bool
+ {
+ return auth()->user()->can('view-authors');
+ }
+
+ public static function canEdit(mixed $record): bool
+ {
+ return auth()->user()->can('view-authors');
+ }
+
+ public static function canDelete(mixed $record): bool
+ {
+ return auth()->user()->can('view-authors');
+ }
+
+ public static function canDeleteAny(): bool
+ {
+ return auth()->user()->can('view-authors');
+ }
+
+ public static function getEloquentQuery(): Builder
+ {
+ return parent::getEloquentQuery()->withoutGlobalScopes();
+ }
 }
diff --git a/app/Filament/Resources/BrandResource.php b/app/Filament/Resources/BrandResource.php
index 0237324..076b510 100644
--- a/app/Filament/Resources/BrandResource.php
+++ b/app/Filament/Resources/BrandResource.php
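Review bot: ApplicationResource overrides only `canViewAny()`, so `canCreate()`, `canEdit()` and `canDelete()` keep Filament's default, which as far as I know defers to a model policy and allows the action when no policy exists. Whether a NEWS_WRITER who requests an edit URL directly is stopped therefore depends on the resource pages also consulting `canViewAny()`, which cannot be confirmed from this diff for the installed version. BrandResource, CareerResource, CommentResource, InternshipResource, SolutionResource and TeamMemberResource have the same gap. A policy per model, or the full set of `can*()` overrides the commit already writes for AuthorResource, would make the restriction explicit instead of implied.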
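Review bot: `withoutGlobalScopes()` with no argument in `AuthorResource::getEloquentQuery()` removes every global scope on the model, not only the one that was in the way; NewsResource and SuccessResource receive the same override. If any of these models carries, or later gains, a scope that limits visibility (published-only, per-owner, tenant), the panel query bypasses it for NEWS_WRITER accounts as well. The diff does not show which scope motivated the change; naming it, for example `->withoutGlobalScopes([SoftDeletingScope::class])` when the goal is to list trashed records, keeps the remaining scopes in force.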
@@ -4,6 +4,7 @@ namespace App\Filament\Resources;
 use App\Filament\Resources\BrandResource\Pages;
 use App\Models\Brand;
+use App\Models\UserRole;
 use Filament\Forms\Components\FileUpload;
 use Filament\Forms\Components\TextInput;
 use Filament\Forms\Components\Toggle;
@@ -79,4 +80,9 @@ class BrandResource extends Resource
 'index' => Pages\ManageBrands::route('/'),
 ];
 }
+
+ public static function canViewAny(): bool
+ {
+ return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
+ }
 }
diff --git a/app/Filament/Resources/CareerResource.php b/app/Filament/Resources/CareerResource.php
index be1fda2..c8d6b99 100644
--- a/app/Filament/Resources/CareerResource.php
+++ b/app/Filament/Resources/CareerResource.php
@@ -5,6 +5,7 @@ namespace App\Filament\Resources;
 use App\Filament\Resources\CareerResource\Pages;
 use App\Filament\Resources\CareerResource\RelationManagers;
 use App\Models\Career;
+use App\Models\UserRole;
 use Filament\Forms;
 use Filament\Forms\Components\Repeater;
 use Filament\Forms\Components\Textarea;
@@ -117,4 +118,9 @@ class CareerResource extends Resource
 'edit' => Pages\EditCareer::route('/{record}/edit'),
 ];
 }
+
+ public static function canViewAny(): bool
+ {
+ return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
+ }
 }
diff --git a/app/Filament/Resources/CommentResource.php b/app/Filament/Resources/CommentResource.php
index 2fe71ba..2d3b6ba 100644
--- a/app/Filament/Resources/CommentResource.php
+++ b/app/Filament/Resources/CommentResource.php
@@ -4,6 +4,7 @@ namespace App\Filament\Resources;
 use App\Filament\Resources\CommentResource\Pages;
 use App\Models\Comment;
+use App\Models\UserRole;
 use Filament\Forms;
 use Filament\Forms\Components\RichEditor;
 use Filament\Forms\Components\Select;
@@ -93,4 +94,9 @@ class CommentResource extends Resource
 'edit' => Pages\EditComment::route('/{record}/edit'),
 ];
 }
+
+ public static function canViewAny(): bool
+ {
+ return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
+ }
 }
diff --git a/app/Filament/Resources/InternshipResource.php b/app/Filament/Resources/InternshipResource.php
index 3a98a61..71755a1 100644
--- a/app/Filament/Resources/InternshipResource.php
+++ b/app/Filament/Resources/InternshipResource.php
@@ -5,6 +5,7 @@ namespace App\Filament\Resources;
 use App\Filament\Resources\InternshipResource\Pages;
 use App\Filament\Resources\InternshipResource\RelationManagers;
 use App\Models\Internship;
+use App\Models\UserRole;
 use Filament\Forms;
 use Filament\Forms\Components\Repeater;
 use Filament\Forms\Components\Textarea;
@@ -120,4 +121,9 @@ class InternshipResource extends Resource
 'edit' => Pages\EditInternship::route('/{record}/edit'),
 ];
 }
+
+ public static function canViewAny(): bool
+ {
+ return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
+ }
 }
diff --git a/app/Filament/Resources/NewsResource.php b/app/Filament/Resources/NewsResource.php
index 882e5cc..be40bf2 100644
--- a/app/Filament/Resources/NewsResource.php
+++ b/app/Filament/Resources/NewsResource.php
@@ -17,6 +17,8 @@ use Filament\Tables;
 use Filament\Tables\Columns\ImageColumn;
 use Filament\Tables\Table;
 use Illuminate\Support\Str;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Support\Facades\Auth;
 class NewsResource extends Resource
 {
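Review bot: `use Illuminate\Support\Facades\Auth;` is imported in NewsResource, but the methods this commit adds to the class call the `auth()` helper, so the import looks unused. Drop it, or switch the new methods to `Auth::user()` so the file uses one style. The rest of the file is outside the hunk, so check for an existing use of the facade before removing it.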
@@ -123,4 +125,34 @@ class NewsResource extends Resource
 'edit' => Pages\EditNews::route('/{record}/edit'),
 ];
 }
+
+ public static function canViewAny(): bool
+ {
+ return auth()->user()->can('manage-news-and-success');
+ }
+
+ public static function canCreate(): bool
+ {
+ return auth()->user()->can('manage-news-and-success');
+ }
+
+ public static function canEdit(mixed $record): bool
+ {
+ return auth()->user()->can('manage-news-and-success');
+ }
+
+ public static function canDelete(mixed $record): bool
+ {
+ return auth()->user()->can('manage-news-and-success');
+ }
+
+ public static function canDeleteAny(): bool
+ {
+ return auth()->user()->can('manage-news-and-success');
+ }
+
+ public static function getEloquentQuery(): Builder
+ {
+ return parent::getEloquentQuery()->withoutGlobalScopes();
+ }
 }
diff --git a/app/Filament/Resources/SolutionResource.php b/app/Filament/Resources/SolutionResource.php
index 8dd187d..e438e00 100644
--- a/app/Filament/Resources/SolutionResource.php
+++ b/app/Filament/Resources/SolutionResource.php
@@ -4,6 +4,7 @@ namespace App\Filament\Resources;
 use App\Filament\Resources\SolutionResource\Pages;
 use App\Models\Solution;
+use App\Models\UserRole;
 use Filament\Forms;
 use Filament\Forms\Form;
 use Filament\Resources\Resource;
@@ -129,4 +130,9 @@ class SolutionResource extends Resource
 'edit' => Pages\EditSolution::route('/{record}/edit'),
 ];
 }
+
+ public static function canViewAny(): bool
+ {
+ return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
+ }
 }
diff --git a/app/Filament/Resources/SuccessResource.php b/app/Filament/Resources/SuccessResource.php
index 80c735c..77664a9 100644
--- a/app/Filament/Resources/SuccessResource.php
+++ b/app/Filament/Resources/SuccessResource.php
@@ -15,6 +15,7 @@ use Filament\Tables;
 use Filament\Tables\Columns\ImageColumn;
 use Filament\Tables\Table;
 use Illuminate\Support\Str;
+use Illuminate\Database\Eloquent\Builder;
 class SuccessResource extends Resource
 {
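Review bot: `canEdit(mixed $record)` and `canDelete(mixed $record)` in NewsResource ignore `$record`, so every account holding `manage-news-and-success` can change or delete any item, including ones written by other NEWS_WRITER users; SuccessResource and AuthorResource follow the same pattern. If that is the intended model, a one-line comment saying so would save the next reader the question. If writers should only touch their own items, the check needs an ownership comparison against the record, and `canDeleteAny()` (bulk delete) is probably better left to MANAGER and ADMIN. Which column links an item to its author is not visible in this diff.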
@@ -112,4 +113,34 @@ class SuccessResource extends Resource
 'edit' => Pages\EditSuccess::route('/{record}/edit'),
 ];
 }
+
+ public static function canViewAny(): bool
+ {
+ return auth()->user()->can('manage-news-and-success');
+ }
+
+ public static function canCreate(): bool
+ {
+ return auth()->user()->can('manage-news-and-success');
+ }
+
+ public static function canEdit(mixed $record): bool
+ {
+ return auth()->user()->can('manage-news-and-success');
+ }
+
+ public static function canDelete(mixed $record): bool
+ {
+ return auth()->user()->can('manage-news-and-success');
+ }
+
+ public static function canDeleteAny(): bool
+ {
+ return auth()->user()->can('manage-news-and-success');
+ }
+
+ public static function getEloquentQuery(): Builder
+ {
+ return parent::getEloquentQuery()->withoutGlobalScopes();
+ }
 }
diff --git a/app/Filament/Resources/TeamMemberResource.php b/app/Filament/Resources/TeamMemberResource.php
index 3148aa1..d0552c8 100644
--- a/app/Filament/Resources/TeamMemberResource.php
+++ b/app/Filament/Resources/TeamMemberResource.php
@@ -5,6 +5,7 @@ namespace App\Filament\Resources;
 use App\Filament\Resources\TeamMemberResource\Pages;
 use App\Filament\Resources\TeamMemberResource\RelationManagers;
 use App\Models\TeamMember;
+use App\Models\UserRole;
 use Filament\Forms\Components\FileUpload;
 use Filament\Forms\Components\Textarea;
 use Filament\Forms\Components\TextInput;
@@ -91,4 +92,9 @@ class TeamMemberResource extends Resource
 'edit' => Pages\EditTeamMember::route('/{record}/edit'),
 ];
 }
+
+ public static function canViewAny(): bool
+ {
+ return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
+ }
 }
diff --git a/app/Models/User.php b/app/Models/User.php
index 749c7b7..c58f30b 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -2,6 +2,13 @@
 namespace App\Models;
+enum UserRole: string
+{
+ case ADMIN = 'admin';
+ case MANAGER = 'manager';
+ case NEWS_WRITER = 'news_writer';
+}
+
 // use Illuminate\Contracts\Auth\MustVerifyEmail;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Foundation\Auth\User as Authenticatable;
@@ -21,6 +28,7 @@ class User extends Authenticatable
 'name',
 'email',
 'password',
+ 'role',
 ];
 /**
@@ -43,6 +51,7 @@ class User extends Authenticatable
 return [
 'email_verified_at' => 'datetime',
 'password' => 'hashed',
+ 'role' => UserRole::class,
 ];
 }
 }
diff --git a/app/Providers/Filament/PanelPanelProvider.php b/app/Providers/Filament/PanelPanelProvider.php
index 9338c89..ac06570 100644
--- a/app/Providers/Filament/PanelPanelProvider.php
+++ b/app/Providers/Filament/PanelPanelProvider.php
@@ -20,6 +20,9 @@ use Illuminate\Routing\Middleware\SubstituteBindings;
 use Illuminate\Session\Middleware\AuthenticateSession;
 use Illuminate\Session\Middleware\StartSession;
 use Illuminate\View\Middleware\ShareErrorsFromSession;
+use App\Models\User;
+use App\Models\UserRole;
+use Illuminate\Support\Facades\Gate;
 class PanelPanelProvider extends PanelProvider
 {
@@ -30,6 +33,7 @@ class PanelPanelProvider extends PanelProvider
 ->id('panel')
 ->path('panel')
 ->login()
+ ->profile()
 ->colors([
 'primary' => Color::Amber,
 ])
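Review bot: `enum UserRole` is declared inside app/Models/User.php, so with the usual PSR-4 mapping the autoloader will look for `App\Models\UserRole` in app/Models/UserRole.php and not find it. The name resolves only when User.php has already been loaded, which the checks in this commit get by evaluating `auth()->user()` first; a seeder, test or console command that touches `UserRole::ADMIN` before any User is loaded would fail with a class-not-found error. Moving the enum to its own file under the same namespace removes the load-order dependency and keeps the existing `use App\Models\UserRole;` lines valid.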
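Review bot: Adding `'role'` to `$fillable` in User makes the attribute that every authorization check in this commit reads mass-assignable. Any `User::create($data)` or `$user->update($data)` that is fed request input without an explicit field whitelist would then let the caller choose their own role; the create and update paths for users are not visible in this diff, so that cannot be ruled out from here. I would leave `role` out of `$fillable` and set it only in the admin-only code path, e.g. `$user->forceFill(['role' => $role])->save();`.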
@@ -73,4 +77,23 @@ class PanelPanelProvider extends PanelProvider
 ApplicationResource::class,
 ]);
 }
+
+ public function boot(): void
+ {
+ Gate::before(function (User $user, string $ability) {
+ return $user->role === UserRole::ADMIN ? true : null;
+ });
+
+ Gate::define('view-activity-logs', function (User $user) {
+ return $user->role === UserRole::ADMIN;
+ });
+
+ Gate::define('manage-news-and-success', function (User $user) {
+ return $user->role === UserRole::NEWS_WRITER || $user->role === UserRole::ADMIN || $user->role === UserRole::MANAGER;
+ });
+
+ Gate::define('view-authors', function (User $user) {
+ return $user->role === UserRole::NEWS_WRITER || $user->role === UserRole::ADMIN || $user->role === UserRole::MANAGER;
+ });
+ }
 }
diff --git a/database/migrations/2025_07_29_151801_add_role_to_users_table.php b/database/migrations/2025_07_29_151801_add_role_to_users_table.php
new file mode 100644
index 0000000..b964fe9
--- /dev/null
+++ b/database/migrations/2025_07_29_151801_add_role_to_users_table.php
@@ -0,0 +1,28 @@
+string('role')->default('news_writer')->nullable();
+ });
+ }
+
+ /**
+ * Reverse the migrations.
+ */
+ public function down(): void
+ {
+ Schema::table('users', function (Blueprint $table) {
+ $table->dropColumn('role');
+ });
+ }
+};
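Review bot: The ability name `view-authors` defined in `PanelPanelProvider::boot()` understates what it grants: AuthorResource uses it for `canCreate()`, `canEdit()`, `canDelete()` and `canDeleteAny()`, so a NEWS_WRITER holds full write access to authors under a read-sounding name. Either rename it to match (something like `manage-authors`) or define separate view and write abilities so the delete paths can be narrowed later without touching the list view. Separately, the `UserRole::ADMIN` term in the `manage-news-and-success` and `view-authors` closures, and the whole `view-activity-logs` closure, never decide anything for an admin because `Gate::before` has already returned true; a short comment on `Gate::before` saying that admins bypass every ability would make this obvious.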
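Review bot: The column default `'news_writer'` in the migration gives every existing user and every account created later the NEWS_WRITER role, and leaves nobody as ADMIN or MANAGER once it has run. Unless a seeder outside this diff assigns roles, the role-gated pages and resources are closed to all users until someone edits the database by hand, while any new account starts with content-publishing rights. A least-privilege default would be `$table->string('role')->nullable();` with no default (a null role fails every check in this commit), plus an explicit step that promotes the known administrator. The opening lines of this hunk are missing from the page, so the `up()` body is only partly visible.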