Merge pull request #297 from liberu-billing/sweep/Enhance-Role-Manage…
…ment-and-Permissions-System

Enhance Role Management and Permissions System
curtisdelicata authored Dec 24, 2024
2 parents f46dfa2 + 3244e40 commit 70f202b
Showing 3 changed files with 83 additions and 45 deletions.
48 changes: 35 additions & 13 deletions app/Filament/Resources/RoleResource.php
@@ -12,48 +12,70 @@
use Filament\Tables\Table;
use Filament\Forms\Components\TextInput;
use Filament\Forms\Components\Select;
use Filament\Forms\Components\Card;
use Filament\Tables\Columns\TextColumn;
use Filament\Tables\Actions\DeleteAction;
use Illuminate\Support\Collection;

class RoleResource extends Resource
{
protected static ?string $model = Role::class;

protected static ?string $navigationIcon = 'heroicon-o-shield-check';

protected static ?string $navigationGroup = 'Administration';
protected static ?int $navigationSort = 2;

public static function form(Form $form): Form
{
return $form
->schema([
TextInput::make('name')
->required()
->unique(ignoreRecord: true),
Select::make('permissions')
->multiple()
->relationship('permissions', 'name')
->preload()
->searchable(),
Card::make()
->schema([
TextInput::make('name')
->required()
->unique(ignoreRecord: true)
->helperText('The name of the role (e.g., editor, manager)'),
Select::make('permissions')
->multiple()
->relationship('permissions', 'name')
->preload()
->searchable()
->helperText('Select the permissions for this role')
->required(),
])
]);
}

public static function table(Table $table): Table
{
return $table
->columns([
TextColumn::make('name'),
TextColumn::make('id')->sortable(),
TextColumn::make('name')->sortable()->searchable(),
TextColumn::make('permissions.name')
->listWithLineBreaks()
->bulleted(),
TextColumn::make('created_at')
->dateTime()
->sortable(),
])
->filters([])
->actions([
Tables\Actions\EditAction::make(),
Tables\Actions\DeleteAction::make(),
Tables\Actions\DeleteAction::make()
->before(function (DeleteAction $action, Role $record) {
if ($record->name === 'super_admin') {
$action->cancel();
}
}),
])
->bulkActions([
Tables\Actions\BulkActionGroup::make([
Tables\Actions\DeleteBulkAction::make(),
Tables\Actions\DeleteBulkAction::make()
->before(function ($action, Collection $records) {
if ($records->contains('name', 'super_admin')) {
$action->cancel();
}
}),
]),
]);
}
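Review bot: The `super_admin` guard exists only in the `before` hooks of `DeleteAction` and `DeleteBulkAction`, while `EditAction` and the form's editable `name` and `permissions` fields still let the role be renamed or emptied, after which the `$record->name === 'super_admin'` check no longer matches. The rule belongs where every path passes through it, for example a `deleting` model event or a policy `delete` method for `Role`, with the name field locked for that record via `->disabled(fn (?Role $record): bool => $record?->name === 'super_admin')`. The bulk hook also cancels the whole batch silently; sending a notification before `$action->cancel()` would tell the operator why nothing was deleted. The class continues past this hunk, so any policy or `canDelete` wiring that may already exist is not visible here.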
18 changes: 18 additions & 0 deletions app/Models/Role.php
@@ -8,8 +8,26 @@

class Role extends SpatieRole
{
protected $fillable = ['name', 'guard_name'];

public function team(): BelongsTo
{
return $this->belongsTo(Team::class);
}

public function hasPermissionTo($permission): bool
{
return $this->permissions()->where('name', $permission)->exists();
}

public static function defaultRoles(): array
{
return [
'super_admin' => 'Full access to all features',
'admin' => 'Administrative access with some restrictions',
'staff' => 'Standard staff access',
'client' => 'Client access with limited permissions',
'free' => 'Basic access for free users'
];
}
}
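Review bot: The new `hasPermissionTo` override replaces the parent implementation with a bare `where('name', $permission)` lookup, so any guard checking, argument normalisation or caching that `SpatieRole::hasPermissionTo` performs is bypassed for every role check; the parent is not shown on this page, so the extent is inferred. The parameter is untyped and goes straight into the query, so a caller passing a permission model or id instead of a name would get a wrong answer rather than an error. If the parent declares an additional parameter, the narrower signature may also be incompatible with it. Prefer deleting the override, or at least scoping it: `->where('name', $permission)->where('guard_name', $this->guard_name)->exists()`. `defaultRoles()` repeats the role names that `RolesSeeder` hard-codes separately; having the seeder iterate over this method would keep the two lists from drifting.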
62 changes: 30 additions & 32 deletions database/seeders/RolesSeeder.php
@@ -8,42 +8,40 @@

class RolesSeeder extends Seeder
{
/**
* Run the database seeds.
*/
public function run(): void
{
// Create roles
$superAdmin = Role::firstOrCreate(['name' => 'super_admin']);
$admin = Role::firstOrCreate(['name' => 'admin']);
$staff = Role::firstOrCreate(['name' => 'staff']);
$client = Role::firstOrCreate(['name' => 'client']);
$free = Role::firstOrCreate(['name' => 'free']);
// Create base permissions
$permissions = [
// User management
'view_users', 'create_users', 'edit_users', 'delete_users',
// Role management
'view_roles', 'create_roles', 'edit_roles', 'delete_roles',
// Permission management
'view_permissions', 'assign_permissions',
// Team management
'view_teams', 'create_teams', 'edit_teams', 'delete_teams',
// Billing
'view_billing', 'manage_billing',
// Settings
'view_settings', 'manage_settings',
];

// Get all permissions
$permissions = Permission::all();
foreach ($permissions as $permission) {
Permission::firstOrCreate(['name' => $permission]);
}

// Assign permissions to roles
$superAdmin->syncPermissions($permissions);

$adminPermissions = $permissions->filter(function ($permission) {
return !str_contains($permission->name, ['role', 'permission']);
});
$admin->syncPermissions($adminPermissions);
// Create roles and assign permissions
$roles = [
'super_admin' => $permissions,
'admin' => array_filter($permissions, fn($p) => !str_contains($p, ['roles', 'permissions'])),
'staff' => array_filter($permissions, fn($p) => str_contains($p, ['view', 'create', 'edit'])),
'client' => array_filter($permissions, fn($p) => str_contains($p, ['view'])),
'free' => ['view_billing']
];

$staffPermissions = $permissions->filter(function ($permission) {
return str_contains($permission->name, ['view', 'create', 'update']);
});
$staff->syncPermissions($staffPermissions);

$clientPermissions = $permissions->filter(function ($permission) {
return str_contains($permission->name, ['view']);
});
$client->syncPermissions($clientPermissions);

$freePermissions = $permissions->filter(function ($permission) {
return str_contains($permission->name, ['view']);
});
$free->syncPermissions($freePermissions);
foreach ($roles as $roleName => $rolePermissions) {
$role = Role::firstOrCreate(['name' => $roleName]);
$role->syncPermissions($rolePermissions);
}
}
}
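Review bot: The `staff` entry in `$roles` selects every permission containing `view`, `create` or `edit`, which includes `create_roles`, `edit_roles` and `view_permissions`, so staff would receive role-management permissions that the `admin` entry deliberately filters out. The `client` entry likewise picks up every `view_*` permission, including `view_users`, `view_roles` and `view_settings`. Separately, PHP 8's global `str_contains()` takes a string needle, so the array arguments would raise a `TypeError` unless a compatible helper is in scope (the imports are outside the hunk); `Str::contains()` accepts an array. Explicit per-role allow-lists are easier to audit than substring matching, as sketched below; the staff and client lists are illustrative and need a product decision. `syncPermissions` also resets manual adjustments to these roles on every seed run, which deserves a comment.

```php
// … unchanged: $permissions list and Permission::firstOrCreate loop …

// Permissions that allow changing who can do what; only super_admin gets these.
$roleManagement = [
    'view_roles', 'create_roles', 'edit_roles', 'delete_roles',
    'view_permissions', 'assign_permissions',
];

// Explicit allow-lists (illustrative for staff/client) instead of substring matching.
$roles = [
    'super_admin' => $permissions,
    'admin' => array_values(array_diff($permissions, $roleManagement)),
    'staff' => ['view_users', 'view_teams', 'create_teams', 'edit_teams', 'view_billing'],
    'client' => ['view_billing'],
    'free' => ['view_billing'],
];

// … unchanged: Role::firstOrCreate / syncPermissions loop …
```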
