feat: granular permissions, export backup, user/role management
Some checks failed
Tests / PHP 8.3 (push) Has been cancelled
Tests / PHP 8.4 (push) Has been cancelled
Tests / PHP 8.5 (push) Has been cancelled

- PermissionSeeder: 29 permissions with role mapping (admin/manager/staff)
- Policies updated to use hasPermissionTo() instead of hasRole()
- ExportBackup command: JSON per-table backup with chunk processing
- UserResource: CRUD users with role assignment (admin only)
- RoleResource: CRUD roles with permission assignment (admin only)
- UserPolicy + RolePolicy: admin-only access control
- ImportCskh: detailed skip logging with color in dry-run mode
- Widgets: permission-based visibility checks
- Tests: 8/8 pass (21 assertions)
This commit is contained in:
2026-05-02 04:47:10 +00:00
parent 7c5055075b
commit 3a8db5cae6
40 changed files with 1804 additions and 440 deletions

View File

@@ -0,0 +1,20 @@
<?php
namespace App\Filament\Resources\Users\Pages;
use App\Filament\Resources\Users\UserResource;
use Filament\Resources\Pages\CreateRecord;
class CreateUser extends CreateRecord
{
protected static string $resource = UserResource::class;
protected function afterCreate(): void
{
$record = $this->record;
$role = $record->role;
// Assign the primary role
$record->syncRoles([$role]);
}
}

View File

@@ -0,0 +1,27 @@
<?php
namespace App\Filament\Resources\Users\Pages;
use App\Filament\Resources\Users\UserResource;
use Filament\Resources\Pages\EditRecord;
class EditUser extends EditRecord
{
protected static string $resource = UserResource::class;
protected function getHeaderActions(): array
{
return [
\Filament\Actions\DeleteAction::make(),
];
}
protected function afterSave(): void
{
$record = $this->record;
$role = $record->role;
// Sync the primary role
$record->syncRoles([$role]);
}
}

View File

@@ -0,0 +1,37 @@
<?php
namespace App\Filament\Resources\Users\Pages;
use App\Filament\Resources\Users\UserResource;
use Filament\Actions;
use Filament\Resources\Pages\ListRecords;
use Filament\Schemas\Components\Tabs\Tab;
use Illuminate\Database\Eloquent\Builder;
class ListUsers extends ListRecords
{
protected static string $resource = UserResource::class;
protected function getHeaderActions(): array
{
return [
Actions\CreateAction::make(),
];
}
public function getTabs(): array
{
return [
'all' => Tab::make(),
'admin' => Tab::make()
->modifyQueryUsing(fn (Builder $query) => $query->where('role', 'admin'))
->badge(fn () => static::getResource()::getModel()::where('role', 'admin')->count()),
'manager' => Tab::make()
->modifyQueryUsing(fn (Builder $query) => $query->where('role', 'manager'))
->badge(fn () => static::getResource()::getModel()::where('role', 'manager')->count()),
'staff' => Tab::make()
->modifyQueryUsing(fn (Builder $query) => $query->where('role', 'staff'))
->badge(fn () => static::getResource()::getModel()::where('role', 'staff')->count()),
];
}
}

View File

@@ -0,0 +1,42 @@
<?php
namespace App\Filament\Resources\Users\Schemas;
use Filament\Forms\Components\Select;
use Filament\Forms\Components\TextInput;
use Filament\Schemas\Schema;
use Spatie\Permission\Models\Role;
class UserForm
{
public static function configure(Schema $schema): Schema
{
return $schema
->components([
TextInput::make('name')
->required()
->maxLength(255),
TextInput::make('email')
->email()
->required()
->maxLength(255)
->unique(ignoreRecord: true),
TextInput::make('password')
->password()
->revealable()
->required(fn (string $operation): bool => $operation === 'create')
->dehydrateStateUsing(fn (?string $state): ?string => filled($state) ? bcrypt($state) : null)
->dehydrated(fn (?string $state): bool => filled($state))
->maxLength(255)
->columnSpanFull(),
Select::make('role')
->label('Role')
->options(Role::pluck('name', 'name')->toArray())
->required()
->searchable(),
]);
}
}

View File

@@ -0,0 +1,59 @@
<?php
namespace App\Filament\Resources\Users\Tables;
use Filament\Actions\BulkActionGroup;
use Filament\Actions\DeleteBulkAction;
use Filament\Actions\EditAction;
use Filament\Tables\Columns\TextColumn;
use Filament\Tables\Table;
class UsersTable
{
public static function configure(Table $table): Table
{
return $table
->columns([
TextColumn::make('id')
->label('#')
->sortable(),
TextColumn::make('name')
->searchable()
->sortable(),
TextColumn::make('email')
->searchable()
->sortable(),
TextColumn::make('role')
->badge()
->color(fn (string $state): string => match ($state) {
'admin' => 'danger',
'manager' => 'warning',
'staff' => 'info',
default => 'gray',
}),
TextColumn::make('created_at')
->dateTime('d/m/Y H:i')
->sortable()
->toggleable(isToggledHiddenByDefault: true),
])
->defaultSort('id', 'asc')
->filters([
//
])
->recordActions([
EditAction::make(),
])
->headerActions([
//
])
->bulkActions([
BulkActionGroup::make([
DeleteBulkAction::make(),
]),
]);
}
}

View File

@@ -0,0 +1,57 @@
<?php
namespace App\Filament\Resources\Users;
use App\Filament\Resources\Users\Pages\CreateUser;
use App\Filament\Resources\Users\Pages\EditUser;
use App\Filament\Resources\Users\Pages\ListUsers;
use App\Filament\Resources\Users\Schemas\UserForm;
use App\Filament\Resources\Users\Tables\UsersTable;
use App\Models\User;
use BackedEnum;
use Filament\Resources\Resource;
use Filament\Schemas\Schema;
use Filament\Support\Icons\Heroicon;
use Filament\Tables\Table;
class UserResource extends Resource
{
protected static ?string $model = User::class;
protected static string|BackedEnum|null $navigationIcon = Heroicon::OutlinedUsers;
protected static ?string $pluralLabel = 'Users';
protected static ?int $navigationSort = 5;
protected static ?string $recordTitleAttribute = 'name';
public static function getNavigationGroup(): ?string
{
return 'Management';
}
public static function form(Schema $schema): Schema
{
return UserForm::configure($schema);
}
public static function table(Table $table): Table
{
return UsersTable::configure($table);
}
public static function getRelations(): array
{
return [];
}
public static function getPages(): array
{
return [
'index' => ListUsers::route('/'),
'create' => CreateUser::route('/create'),
'edit' => EditUser::route('/{record}/edit'),
];
}
}