Add role-based access control to management pages: implement canView method in ManageCtaSettings, ManagePortfolio, ManageSolutions, and ManageSuccess classes to restrict access to ADMIN and MANAGER roles, enhancing security and user experience.

.gitignore

@@ -22,3 +22,4 @@ yarn-error.log
 /.vscode
 /.zed
 **/.DS_Store
+/IntelephenseHelper.php

app/Filament/Pages/ManageCtaSettings.php

@@ -3,10 +3,12 @@
 namespace App\Filament\Pages;
 
 use App\Settings\CtaSettings;
+use App\Models\UserRole;
 use Filament\Forms;
 use Filament\Forms\Components\FileUpload;
 use Filament\Forms\Form;
 use Filament\Pages\SettingsPage;
+use Illuminate\Contracts\Support\Htmlable;
 
 class ManageCtaSettings extends SettingsPage
 {
@@ -42,4 +44,9 @@ class ManageCtaSettings extends SettingsPage
                     ->columnSpan('full'),
             ]);
     }
+
+    public static function canView(): bool
+    {
+        return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
+    }
 }

app/Filament/Pages/ManagePortfolio.php

@@ -3,6 +3,7 @@
 namespace App\Filament\Pages;
 
 use App\Settings\PortfolioSettings;
+use App\Models\UserRole;
 use Filament\Forms\Components\FileUpload;
 use Filament\Forms\Components\Grid;
 use Filament\Forms\Components\Repeater;
@@ -108,4 +109,9 @@ class ManagePortfolio extends SettingsPage
     {
         return 'Manage the portfolio section content, including items, categories, and titles.';
     }
+
+    public static function canView(): bool
+    {
+        return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
+    }
 }

app/Filament/Pages/ManageSolutions.php

@@ -3,6 +3,7 @@
 namespace App\Filament\Pages;
 
 use App\Settings\SolutionSettings;
+use App\Models\UserRole;
 use Filament\Forms\Components\FileUpload;
 use Filament\Forms\Components\Grid;
 use Filament\Forms\Components\Repeater;
@@ -376,4 +377,9 @@ class ManageSolutions extends SettingsPage
     {
         return 'Manage the solutions section content, including individual solution items.';
     }
+
+    public static function canView(): bool
+    {
+        return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
+    }
 }

app/Filament/Pages/ManageSuccess.php

@@ -3,6 +3,7 @@
 namespace App\Filament\Pages;
 
 use App\Settings\SuccessSettings;
+use App\Models\UserRole;
 use Filament\Forms\Components\FileUpload;
 use Filament\Forms\Components\Grid;
 use Filament\Forms\Components\Repeater;
@@ -113,4 +114,9 @@ class ManageSuccess extends SettingsPage
     {
         return 'Manage the success section content, including text, button, and skill bars.';
     }
+
+    public static function canView(): bool
+    {
+        return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
+    }
 }

app/Providers/Filament/PanelPanelProvider.php

@@ -81,7 +81,11 @@ class PanelPanelProvider extends PanelProvider
     public function boot(): void
     {
         Gate::before(function (User $user, string $ability) {
-            return $user->role === UserRole::ADMIN ? true : null;
+            if ($user->role === UserRole::ADMIN) {
+                return true;
+            }
+
+            return null;
         });
 
         Gate::define('view-activity-logs', function (User $user) {