Add role-based access control to management pages: implement canView method in ManageCtaSettings, ManagePortfolio, ManageSolutions, and ManageSuccess classes to restrict access to ADMIN and MANAGER roles, enhancing security and user experience.
1
.gitignore
vendored
1
.gitignore
vendored
@@ -22,3 +22,4 @@ yarn-error.log
|
|||||||
/.vscode
|
/.vscode
|
||||||
/.zed
|
/.zed
|
||||||
**/.DS_Store
|
**/.DS_Store
|
||||||
|
/IntelephenseHelper.php
|
||||||
|
|||||||
@@ -3,10 +3,12 @@
|
|||||||
namespace App\Filament\Pages;
|
namespace App\Filament\Pages;
|
||||||
|
|
||||||
use App\Settings\CtaSettings;
|
use App\Settings\CtaSettings;
|
||||||
|
use App\Models\UserRole;
|
||||||
use Filament\Forms;
|
use Filament\Forms;
|
||||||
use Filament\Forms\Components\FileUpload;
|
use Filament\Forms\Components\FileUpload;
|
||||||
use Filament\Forms\Form;
|
use Filament\Forms\Form;
|
||||||
use Filament\Pages\SettingsPage;
|
use Filament\Pages\SettingsPage;
|
||||||
|
use Illuminate\Contracts\Support\Htmlable;
|
||||||
|
|
||||||
class ManageCtaSettings extends SettingsPage
|
class ManageCtaSettings extends SettingsPage
|
||||||
{
|
{
|
||||||
@@ -42,4 +44,9 @@ class ManageCtaSettings extends SettingsPage
|
|||||||
->columnSpan('full'),
|
->columnSpan('full'),
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static function canView(): bool
|
||||||
|
{
|
||||||
|
return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
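Review bot: The new `canView()` at the end of ManageCtaSettings may never be called: in Filament 3, which the `Filament\Forms\Form` import suggests, pages are gated by `canAccess()` and `canView()` is the widget hook, so unless a base class outside this diff invokes it the page stays open to every panel user. Check the installed version and, if that holds, rename it to `public static function canAccess(): bool`; the same applies to ManagePortfolio, ManageSolutions and ManageSuccess. The body also reads `auth()->user()->role` without a null check, and `in_array(auth()->user()?->role, [UserRole::ADMIN, UserRole::MANAGER], true)` would fail closed when no user is present. Since the identical check is pasted into four classes, a shared trait would keep the role list in one place. A feature test that loads each page as a user with neither role and expects a 403 would confirm the restriction actually takes effect.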
|
|||||||
@@ -3,6 +3,7 @@
|
|||||||
namespace App\Filament\Pages;
|
namespace App\Filament\Pages;
|
||||||
|
|
||||||
use App\Settings\PortfolioSettings;
|
use App\Settings\PortfolioSettings;
|
||||||
|
use App\Models\UserRole;
|
||||||
use Filament\Forms\Components\FileUpload;
|
use Filament\Forms\Components\FileUpload;
|
||||||
use Filament\Forms\Components\Grid;
|
use Filament\Forms\Components\Grid;
|
||||||
use Filament\Forms\Components\Repeater;
|
use Filament\Forms\Components\Repeater;
|
||||||
@@ -108,4 +109,9 @@ class ManagePortfolio extends SettingsPage
|
|||||||
{
|
{
|
||||||
return 'Manage the portfolio section content, including items, categories, and titles.';
|
return 'Manage the portfolio section content, including items, categories, and titles.';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static function canView(): bool
|
||||||
|
{
|
||||||
|
return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -3,6 +3,7 @@
|
|||||||
namespace App\Filament\Pages;
|
namespace App\Filament\Pages;
|
||||||
|
|
||||||
use App\Settings\SolutionSettings;
|
use App\Settings\SolutionSettings;
|
||||||
|
use App\Models\UserRole;
|
||||||
use Filament\Forms\Components\FileUpload;
|
use Filament\Forms\Components\FileUpload;
|
||||||
use Filament\Forms\Components\Grid;
|
use Filament\Forms\Components\Grid;
|
||||||
use Filament\Forms\Components\Repeater;
|
use Filament\Forms\Components\Repeater;
|
||||||
@@ -376,4 +377,9 @@ class ManageSolutions extends SettingsPage
|
|||||||
{
|
{
|
||||||
return 'Manage the solutions section content, including individual solution items.';
|
return 'Manage the solutions section content, including individual solution items.';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static function canView(): bool
|
||||||
|
{
|
||||||
|
return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -3,6 +3,7 @@
|
|||||||
namespace App\Filament\Pages;
|
namespace App\Filament\Pages;
|
||||||
|
|
||||||
use App\Settings\SuccessSettings;
|
use App\Settings\SuccessSettings;
|
||||||
|
use App\Models\UserRole;
|
||||||
use Filament\Forms\Components\FileUpload;
|
use Filament\Forms\Components\FileUpload;
|
||||||
use Filament\Forms\Components\Grid;
|
use Filament\Forms\Components\Grid;
|
||||||
use Filament\Forms\Components\Repeater;
|
use Filament\Forms\Components\Repeater;
|
||||||
@@ -113,4 +114,9 @@ class ManageSuccess extends SettingsPage
|
|||||||
{
|
{
|
||||||
return 'Manage the success section content, including text, button, and skill bars.';
|
return 'Manage the success section content, including text, button, and skill bars.';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static function canView(): bool
|
||||||
|
{
|
||||||
|
return auth()->user()->role === UserRole::ADMIN || auth()->user()->role === UserRole::MANAGER;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -81,7 +81,11 @@ class PanelPanelProvider extends PanelProvider
|
|||||||
public function boot(): void
|
public function boot(): void
|
||||||
{
|
{
|
||||||
Gate::before(function (User $user, string $ability) {
|
Gate::before(function (User $user, string $ability) {
|
||||||
return $user->role === UserRole::ADMIN ? true : null;
|
if ($user->role === UserRole::ADMIN) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return null;
|
||||||
});
|
});
|
||||||
|
|
||||||
Gate::define('view-activity-logs', function (User $user) {
|
Gate::define('view-activity-logs', function (User $user) {
|
||||||
|
|||||||