nurmuhammet/gujurly.com
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add user role management: introduce UserRole enum for role definitions, implement role-based access control in various resources and pages, and enhance authorization logic in the PanelProvider for improved security and user experience.

Browse Source
This commit is contained in:
Nurmuhammet Allanov
2025-07-29 15:33:36 +05:00
parent c7e01f404d
commit a1826ae53c
18 changed files with 226 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/Filament/Pages/AboutPageSettings.php
View File

@@ -3,6 +3,7 @@
namespace App\Filament\Pages;
use App\Settings\AboutSettings;
use App\Models\UserRole;
use Filament\Forms\Components\FileUpload;
use Filament\Forms\Components\Grid;
use Filament\Forms\Components\Repeater;
@@ -245,4 +246,9 @@ class AboutPageSettings extends SettingsPage
{
return 'Manage the content sections of the About Us page.';
}
public static function canView(): bool
{
return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
}
}

6
app/Filament/Pages/ContactPageSettings.php
View File

@@ -3,6 +3,7 @@
namespace App\Filament\Pages;
use App\Settings\ContactSettings;
use App\Models\UserRole;
use Filament\Forms\Components\Section;
use Filament\Forms\Components\Textarea;
use Filament\Forms\Components\TextInput;
@@ -84,4 +85,9 @@ class ContactPageSettings extends SettingsPage
{
return 'Manage the contact form details, contact information, and map embed.';
}
public static function canView(): bool
{
return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
}
}

6
app/Filament/Pages/HomePageSettings.php
View File

@@ -3,6 +3,7 @@
namespace App\Filament\Pages;
use App\Settings\HomeSettings;
use App\Models\UserRole;
use Filament\Forms\Components\FileUpload;
use Filament\Forms\Components\Grid;
use Filament\Forms\Components\Repeater;
@@ -292,4 +293,9 @@ class HomePageSettings extends SettingsPage
{
return 'Manage the homepage hero section, background video, and call-to-action content.';
}
public static function canView(): bool
{
return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
}
}

6
app/Filament/Pages/ManageSite.php
View File

@@ -3,6 +3,7 @@
namespace App\Filament\Pages;
use App\Settings\SiteSettings;
use App\Models\UserRole;
use Filament\Forms;
use Filament\Forms\Form;
use Filament\Pages\SettingsPage;
@@ -168,4 +169,9 @@ class ManageSite extends SettingsPage
{
return 'Manage your website\'s general configuration';
}
public static function canView(): bool
{
return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
}
}

6
app/Filament/Pages/ManageSiteSocialSettings.php
View File

@@ -3,6 +3,7 @@
namespace App\Filament\Pages;
use App\Settings\SiteSocialSettings;
use App\Models\UserRole;
use Filament\Forms;
use Filament\Forms\Form;
use Filament\Pages\SettingsPage;
@@ -77,4 +78,9 @@ class ManageSiteSocialSettings extends SettingsPage
{
return 'Manage your social media profiles and sharing options';
}
public static function canView(): bool
{
return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
}
}

6
app/Filament/Resources/ApplicationResource.php
View File

@@ -5,6 +5,7 @@ namespace App\Filament\Resources;
use App\Filament\Resources\ApplicationResource\Pages;
use App\Models\Application;
use App\Models\Career;
use App\Models\UserRole;
use Filament\Forms;
use Filament\Forms\Form;
use Filament\Resources\Resource;
@@ -104,4 +105,9 @@ class ApplicationResource extends Resource
'edit' => Pages\EditApplication::route('/{record}/edit'),
];
}
public static function canViewAny(): bool
{
return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
}
}

31
app/Filament/Resources/AuthorResource.php
View File

@@ -13,6 +13,7 @@ use Filament\Resources\Resource;
use Filament\Tables;
use Filament\Tables\Columns\ImageColumn;
use Filament\Tables\Table;
use Illuminate\Database\Eloquent\Builder;
class AuthorResource extends Resource
{
@@ -91,4 +92,34 @@ class AuthorResource extends Resource
'edit' => Pages\EditAuthor::route('/{record}/edit'),
];
}
public static function canViewAny(): bool
{
return auth()->user()->can('view-authors');
}
public static function canCreate(): bool
{
return auth()->user()->can('view-authors');
}
public static function canEdit(mixed $record): bool
{
return auth()->user()->can('view-authors');
}
public static function canDelete(mixed $record): bool
{
return auth()->user()->can('view-authors');
}
public static function canDeleteAny(): bool
{
return auth()->user()->can('view-authors');
}
public static function getEloquentQuery(): Builder
{
return parent::getEloquentQuery()->withoutGlobalScopes();
}
}

6
app/Filament/Resources/BrandResource.php
View File

@@ -4,6 +4,7 @@ namespace App\Filament\Resources;
use App\Filament\Resources\BrandResource\Pages;
use App\Models\Brand;
use App\Models\UserRole;
use Filament\Forms\Components\FileUpload;
use Filament\Forms\Components\TextInput;
use Filament\Forms\Components\Toggle;
@@ -79,4 +80,9 @@ class BrandResource extends Resource
'index' => Pages\ManageBrands::route('/'),
];
}
public static function canViewAny(): bool
{
return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
}
}

6
app/Filament/Resources/CareerResource.php
View File

@@ -5,6 +5,7 @@ namespace App\Filament\Resources;
use App\Filament\Resources\CareerResource\Pages;
use App\Filament\Resources\CareerResource\RelationManagers;
use App\Models\Career;
use App\Models\UserRole;
use Filament\Forms;
use Filament\Forms\Components\Repeater;
use Filament\Forms\Components\Textarea;
@@ -117,4 +118,9 @@ class CareerResource extends Resource
'edit' => Pages\EditCareer::route('/{record}/edit'),
];
}
public static function canViewAny(): bool
{
return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
}
}

6
app/Filament/Resources/CommentResource.php
View File

@@ -4,6 +4,7 @@ namespace App\Filament\Resources;
use App\Filament\Resources\CommentResource\Pages;
use App\Models\Comment;
use App\Models\UserRole;
use Filament\Forms;
use Filament\Forms\Components\RichEditor;
use Filament\Forms\Components\Select;
@@ -93,4 +94,9 @@ class CommentResource extends Resource
'edit' => Pages\EditComment::route('/{record}/edit'),
];
}
public static function canViewAny(): bool
{
return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
}
}

6
app/Filament/Resources/InternshipResource.php
View File

@@ -5,6 +5,7 @@ namespace App\Filament\Resources;
use App\Filament\Resources\InternshipResource\Pages;
use App\Filament\Resources\InternshipResource\RelationManagers;
use App\Models\Internship;
use App\Models\UserRole;
use Filament\Forms;
use Filament\Forms\Components\Repeater;
use Filament\Forms\Components\Textarea;
@@ -120,4 +121,9 @@ class InternshipResource extends Resource
'edit' => Pages\EditInternship::route('/{record}/edit'),
];
}
public static function canViewAny(): bool
{
return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
}
}

32
app/Filament/Resources/NewsResource.php
View File

@@ -17,6 +17,8 @@ use Filament\Tables;
use Filament\Tables\Columns\ImageColumn;
use Filament\Tables\Table;
use Illuminate\Support\Str;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Support\Facades\Auth;
class NewsResource extends Resource
{
@@ -123,4 +125,34 @@ class NewsResource extends Resource
'edit' => Pages\EditNews::route('/{record}/edit'),
];
}
public static function canViewAny(): bool
{
return auth()->user()->can('manage-news-and-success');
}
public static function canCreate(): bool
{
return auth()->user()->can('manage-news-and-success');
}
public static function canEdit(mixed $record): bool
{
return auth()->user()->can('manage-news-and-success');
}
public static function canDelete(mixed $record): bool
{
return auth()->user()->can('manage-news-and-success');
}
public static function canDeleteAny(): bool
{
return auth()->user()->can('manage-news-and-success');
}
public static function getEloquentQuery(): Builder
{
return parent::getEloquentQuery()->withoutGlobalScopes();
}
}

6
app/Filament/Resources/SolutionResource.php
View File

@@ -4,6 +4,7 @@ namespace App\Filament\Resources;
use App\Filament\Resources\SolutionResource\Pages;
use App\Models\Solution;
use App\Models\UserRole;
use Filament\Forms;
use Filament\Forms\Form;
use Filament\Resources\Resource;
@@ -129,4 +130,9 @@ class SolutionResource extends Resource
'edit' => Pages\EditSolution::route('/{record}/edit'),
];
}
public static function canViewAny(): bool
{
return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
}
}

31
app/Filament/Resources/SuccessResource.php
View File

@@ -15,6 +15,7 @@ use Filament\Tables;
use Filament\Tables\Columns\ImageColumn;
use Filament\Tables\Table;
use Illuminate\Support\Str;
use Illuminate\Database\Eloquent\Builder;
class SuccessResource extends Resource
{
@@ -112,4 +113,34 @@ class SuccessResource extends Resource
'edit' => Pages\EditSuccess::route('/{record}/edit'),
];
}
public static function canViewAny(): bool
{
return auth()->user()->can('manage-news-and-success');
}
public static function canCreate(): bool
{
return auth()->user()->can('manage-news-and-success');
}
public static function canEdit(mixed $record): bool
{
return auth()->user()->can('manage-news-and-success');
}
public static function canDelete(mixed $record): bool
{
return auth()->user()->can('manage-news-and-success');
}
public static function canDeleteAny(): bool
{
return auth()->user()->can('manage-news-and-success');
}
public static function getEloquentQuery(): Builder
{
return parent::getEloquentQuery()->withoutGlobalScopes();
}
}

6
app/Filament/Resources/TeamMemberResource.php
View File

@@ -5,6 +5,7 @@ namespace App\Filament\Resources;
use App\Filament\Resources\TeamMemberResource\Pages;
use App\Filament\Resources\TeamMemberResource\RelationManagers;
use App\Models\TeamMember;
use App\Models\UserRole;
use Filament\Forms\Components\FileUpload;
use Filament\Forms\Components\Textarea;
use Filament\Forms\Components\TextInput;
@@ -91,4 +92,9 @@ class TeamMemberResource extends Resource
'edit' => Pages\EditTeamMember::route('/{record}/edit'),
];
}
public static function canViewAny(): bool
{
return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
}
}

9
app/Models/User.php
View File

@@ -2,6 +2,13 @@
namespace App\Models;
enum UserRole: string
{
case ADMIN = 'admin';
case MANAGER = 'manager';
case NEWS_WRITER = 'news_writer';
}
// use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
@@ -21,6 +28,7 @@ class User extends Authenticatable
'name',
'email',
'password',
'role',
];
/**
@@ -43,6 +51,7 @@ class User extends Authenticatable
return [
'email_verified_at' => 'datetime',
'password' => 'hashed',
'role' => UserRole::class,
];
}
}

23
app/Providers/Filament/PanelPanelProvider.php
View File

@@ -20,6 +20,9 @@ use Illuminate\Routing\Middleware\SubstituteBindings;
use Illuminate\Session\Middleware\AuthenticateSession;
use Illuminate\Session\Middleware\StartSession;
use Illuminate\View\Middleware\ShareErrorsFromSession;
use App\Models\User;
use App\Models\UserRole;
use Illuminate\Support\Facades\Gate;
class PanelPanelProvider extends PanelProvider
{
@@ -30,6 +33,7 @@ class PanelPanelProvider extends PanelProvider
->id('panel')
->path('panel')
->login()
->profile()
->colors([
'primary' => Color::Amber,
])
@@ -73,4 +77,23 @@ class PanelPanelProvider extends PanelProvider
ApplicationResource::class,
]);
}
public function boot(): void
{
Gate::before(function (User $user, string $ability) {
return $user->role === UserRole::ADMIN ? true : null;
});
Gate::define('view-activity-logs', function (User $user) {
return $user->role === UserRole::ADMIN;
});
Gate::define('manage-news-and-success', function (User $user) {
return $user->role === UserRole::NEWS_WRITER || $user->role === UserRole::ADMIN || $user->role === UserRole::MANAGER;
});
Gate::define('view-authors', function (User $user) {
return $user->role === UserRole::NEWS_WRITER || $user->role === UserRole::ADMIN || $user->role === UserRole::MANAGER;
});
}
}