Spatie permissions integration

Author: Hatim EL OUFIR

app/Http/Livewire/Administration/Users.php

@@ -4,10 +4,12 @@
 
 use App\Models\User;
 use App\Notifications\UserCreatedNotification;
+use Filament\Forms\Components\TagsInput;
 use Filament\Notifications\Notification;
 use Filament\Tables\Actions\Action;
 use Filament\Tables\Columns\BadgeColumn;
 use Filament\Tables\Columns\BooleanColumn;
+use Filament\Tables\Columns\TagsColumn;
 use Filament\Tables\Columns\TextColumn;
 use Filament\Tables\Concerns\InteractsWithTable;
 use Filament\Tables\Contracts\HasTable;
@@ -51,18 +53,17 @@ protected function getTableColumns(): array
                 ->searchable()
                 ->sortable(),
 
-            BadgeColumn::make('role')
-                ->label(__('Role'))
-                ->searchable()
-                ->sortable()
-                ->enum(roles_list())
-                ->colors(roles_list_badges()),
-
             BooleanColumn::make('isAccountActivated')
                 ->label(__('Account activated'))
                 ->sortable()
                 ->searchable(),
 
+            TagsColumn::make('permissions.name')
+                ->label(__('Permissions'))
+                ->limit(1)
+                ->searchable()
+                ->sortable(),
+
             TextColumn::make('created_at')
                 ->label(__('Created at'))
                 ->sortable()

app/Http/Livewire/Administration/UsersDialog.php

@@ -4,14 +4,23 @@
 
 use App\Models\User;
 use App\Notifications\UserCreatedNotification;
+use Filament\Forms\Components\Checkbox;
+use Filament\Forms\Components\CheckboxList;
+use Filament\Forms\Components\Grid;
+use Filament\Forms\Components\MultiSelect;
+use Filament\Forms\Components\Placeholder;
 use Filament\Forms\Components\Select;
+use Filament\Forms\Components\TagsInput;
 use Filament\Forms\Components\TextInput;
 use Filament\Forms\Concerns\InteractsWithForms;
 use Filament\Forms\Contracts\HasForms;
 use Filament\Notifications\Actions\Action;
 use Filament\Notifications\Notification;
+use Illuminate\Support\HtmlString;
 use Livewire\Component;
 use Ramsey\Uuid\Uuid;
+use Spatie\Permission\Models\Permission;
+use Closure;
 
 class UsersDialog extends Component implements HasForms
 {
@@ -22,11 +31,14 @@ class UsersDialog extends Component implements HasForms
 
     protected $listeners = ['doDeleteUser', 'cancelDeleteUser'];
 
-    public function mount(): void {
+    public array $permissions;
+
+    public function mount(): void
+    {
         $this->form->fill([
             'name' => $this->user->name,
             'email' => $this->user->email,
-            'role' => $this->user->role,
+            'permissions' => $this->user->permissions->pluck('id')->toArray(),
         ]);
     }
 
@@ -44,40 +56,91 @@ public function render()
     protected function getFormSchema(): array
     {
         return [
-            TextInput::make('name')
-                ->label(__('Full name'))
-                ->maxLength(255)
-                ->required(),
-
-            TextInput::make('email')
-                ->label(__('Email address'))
-                ->email()
-                ->unique(table: User::class, column: 'email', ignorable: fn () => $this->user->id ? $this->user : null)
-                ->required(),
-
-            Select::make('role')
-                ->label(__('Role'))
+            Grid::make()
+                ->schema([
+                    TextInput::make('name')
+                        ->label(__('Full name'))
+                        ->maxLength(255)
+                        ->required(),
+
+                    TextInput::make('email')
+                        ->label(__('Email address'))
+                        ->email()
+                        ->unique(table: User::class, column: 'email', ignorable: fn() => $this->user->id ? $this->user : null)
+                        ->required(),
+                ]),
+
+            Grid::make()
+                ->extraAttributes([
+                    'class' => 'border-t border-gray-200 pt-5 mt-5'
+                ])
+                ->schema([
+                    Select::make('same_permissions_as')
+                        ->label(__('Use same permissions of'))
+                        ->helperText(__("Update the permissions of this user based on another user's permissions"))
+                        ->searchable()
+                        ->options(User::all()->pluck('name', 'id')->toArray())
+                        ->reactive()
+                        ->afterStateUpdated(function (Closure $set, Closure $get) {
+                            if ($get('same_permissions_as')) {
+                                $user = User::find($get('same_permissions_as'));
+                                $set('permissions', $user->permissions->pluck('id')->toArray());
+                            }
+                        })
+                ]),
+
+            Placeholder::make('permissions_buttons')
+                ->content(new HtmlString('
+                    <div class="w-full flex items-center gap-2">
+                        <button type="button" class="text-xs text-primary-500 hover:text-primary-600 hover:underline" wire:click="assignAllPermissions">' . __('Assign all permissions') . '</button>
+                        <button type="button" class="text-xs text-primary-500 hover:text-primary-600 hover:underline" wire:click="removeAllPermissions">' . __('Remove all permissions') . '</button>
+                    </div>
+                ')),
+
+            CheckboxList::make('permissions')
+                ->label(__('Permissions'))
                 ->required()
-                ->searchable()
-                ->options(roles_list())
+                ->columns(3)
+                ->options(Permission::orderBy('name')->get()->pluck('name', 'id')->toArray())
         ];
     }
 
+    /**
+     * Assign all permissions
+     *
+     * @return void
+     */
+    public function assignAllPermissions(): void
+    {
+        $this->permissions = Permission::all()->pluck('id')->toArray();
+    }
+
+    /**
+     * Remove all assigned permissions
+     *
+     * @return void
+     */
+    public function removeAllPermissions(): void
+    {
+        $this->permissions = [];
+    }
+
     /**
      * Create / Update the user
      *
      * @return void
      */
-    public function save(): void {
+    public function save(): void
+    {
         $data = $this->form->getState();
         if (!$this->user?->id) {
             $user = User::create([
                 'name' => $data['name'],
                 'email' => $data['email'],
-                'role' => $data['role'],
                 'password' => bcrypt(uniqid()),
                 'register_token' => Uuid::uuid4()->toString()
             ]);
+            $user->syncPermissions($data['permissions']);
             $user->notify(new UserCreatedNotification($user));
             Notification::make()
                 ->success()
@@ -87,8 +150,8 @@ public function save(): void {
         } else {
             $this->user->name = $data['name'];
             $this->user->email = $data['email'];
-            $this->user->role = $data['role'];
             $this->user->save();
+            $this->user->syncPermissions($data['permissions']);
             Notification::make()
                 ->success()
                 ->title(__('User updated'))
@@ -103,7 +166,8 @@ public function save(): void {
      *
      * @return void
      */
-    public function doDeleteUser(): void {
+    public function doDeleteUser(): void
+    {
         $this->user->delete();
         $this->deleteConfirmationOpened = false;
         $this->emit('userDeleted');
@@ -119,7 +183,8 @@ public function doDeleteUser(): void {
      *
      * @return void
      */
-    public function cancelDeleteUser(): void {
+    public function cancelDeleteUser(): void
+    {
         $this->deleteConfirmationOpened = false;
     }
 
@@ -129,7 +194,8 @@ public function cancelDeleteUser(): void {
      * @return void
      * @throws \Exception
      */
-    public function deleteUser(): void {
+    public function deleteUser(): void
+    {
         $this->deleteConfirmationOpened = true;
         Notification::make()
             ->warning()

app/Http/Livewire/Analytics.php

@@ -55,7 +55,7 @@ private function loadNotAssignedTickets(): void
     private function loadTicketsAssignments(): void
     {
         $query = Ticket::query();
-        if (has_all_permissions(auth()->user(), 'view-own-tickets') && !has_all_permissions(auth()->user(), 'view-all-tickets')) {
+        if (auth()->user()->can('View own tickets') && !auth()->user()->can('View all tickets')) {
             $query->where(function ($query) {
                 $query->where('owner_id', auth()->user()->id)
                     ->orWhere('responsible_id', auth()->user()->id);
@@ -78,7 +78,7 @@ private function loadTicketsAssignments(): void
     private function loadTicketsByStatuses(): void
     {
         $query = Ticket::query();
-        if (has_all_permissions(auth()->user(), 'view-own-tickets') && !has_all_permissions(auth()->user(), 'view-all-tickets')) {
+        if (auth()->user()->can('View own tickets') && !auth()->user()->can('View all tickets')) {
             $query->where(function ($query) {
                 $query->where('owner_id', auth()->user()->id)
                     ->orWhere('responsible_id', auth()->user()->id);

app/Http/Livewire/Kanban.php

@@ -38,7 +38,7 @@ protected function records(): Collection
     {
         $query = Ticket::query();
         $query->withCount('comments');
-        if (has_all_permissions(auth()->user(), 'view-own-tickets') && !has_all_permissions(auth()->user(), 'view-all-tickets')) {
+        if (auth()->user()->can('View own tickets') && !auth()->user()->can('View all tickets')) {
             $query->where(function ($query) {
                 $query->where('owner_id', auth()->user()->id)
                     ->orWhere('responsible_id', auth()->user()->id);
@@ -116,7 +116,7 @@ protected function styles(): array
     public function onStatusChanged($recordId, $statusId, $fromOrderedIds, $toOrderedIds): void
     {
         $ticket = Ticket::find($recordId);
-        if ((has_all_permissions(auth()->user(), 'update-all-tickets') || (has_all_permissions(auth()->user(), 'update-own-tickets') && ($ticket->owner_id === auth()->user() || $ticket->responsible_id === auth()->user()->id))) && has_all_permissions(auth()->user(), 'change-status-tickets')) {
+        if ((auth()->user()->can('Update all tickets') || (auth()->user()->can('Update own tickets') && ($ticket->owner_id === auth()->user() || $ticket->responsible_id === auth()->user()->id))) && auth()->user()->can('Change status tickets')) {
             $before = __(config('system.statuses.' . $ticket->status . '.title')) ?? '-';
             $ticket->status = $statusId;
             $ticket->save();

app/Http/Livewire/Projects.php

@@ -38,7 +38,7 @@ protected function getTableQuery(): Builder|Relation
     {
         $query = Project::query();
         $query->withCount('tickets');
-        if (has_all_permissions(auth()->user(), 'view-own-projects') && !has_all_permissions(auth()->user(), 'view-all-projects')) {
+        if (auth()->user()->can('View own projects') && !auth()->user()->can('View all projects')) {
             $query->where(function ($query) {
                 $query->where('owner_id', auth()->user()->id)
                     ->orWhereHas('tickets', function ($query) {

app/Http/Livewire/Tickets.php

@@ -49,7 +49,7 @@ public function render()
     {
         $query = Ticket::query();
         $query->withCount('comments');
-        if (has_all_permissions(auth()->user(), 'view-own-tickets') && !has_all_permissions(auth()->user(), 'view-all-tickets')) {
+        if (auth()->user()->can('View own tickets') && !auth()->user()->can('View all tickets')) {
             $query->where(function ($query) {
                 $query->where('owner_id', auth()->user()->id)
                     ->orWhere('responsible_id', auth()->user()->id);
@@ -118,7 +118,7 @@ protected function getFormSchema(): array
                         ->placeholder(__('Project'))
                         ->options(function () {
                             $query = Project::query();
-                            if (has_all_permissions(auth()->user(), 'view-own-projects') && !has_all_permissions(auth()->user(), 'view-all-projects')) {
+                            if (auth()->user()->can('View own projects') && !auth()->user()->can('View all projects')) {
                                 $query->where('owner_id', auth()->user()->id);
                             }
                             return $query->get()->pluck('name', 'id');

app/Http/Livewire/TicketsDialog.php

@@ -52,7 +52,7 @@ protected function getFormSchema(): array
                 ->searchable()
                 ->options(function () {
                     $query = Project::query();
-                    if (has_all_permissions(auth()->user(), 'view-own-projects') && !has_all_permissions(auth()->user(), 'view-all-projects')) {
+                    if (auth()->user()->can('View own projects') && !auth()->user()->can('View all projects')) {
                         $query->where('owner_id', auth()->user()->id);
                     }
                     return $query->get()->pluck('name', 'id');

app/Http/Middleware/CanAccessTicket.php

@@ -19,10 +19,10 @@ public function handle(Request $request, Closure $next)
     {
         $ticket = $request->route('ticket');
         if (!(
-            has_all_permissions(auth()->user(), 'view-all-tickets')
+            auth()->user()->can('View all tickets')
             ||
             (
-                has_all_permissions(auth()->user(), 'view-own-tickets')
+                auth()->user()->can('View own tickets')
                 && in_array(auth()->user()->id, [$ticket->owner_id, $ticket->responsible_id])
             )
         )) {

app/Jobs/CommentCreatedJob.php

@@ -39,9 +39,9 @@ public function handle()
         $users = User::whereNull('register_token')->get();
         foreach ($users as $user) {
             if (
-                (has_all_permissions($user, 'view-all-tickets') && $this->comment->owner_id !== $user->id)
+                (auth()->user()->can('View all tickets') && $this->comment->owner_id !== $user->id)
                 ||
-                (has_all_permissions($user, 'view-own-tickets') && ($this->comment->ticket->owner_id === $user->id || $this->comment->ticket->responsible_id === $user->id) && $this->comment->owner_id !== $user->id)
+                (auth()->user()->can('View own tickets') && ($this->comment->ticket->owner_id === $user->id || $this->comment->ticket->responsible_id === $user->id) && $this->comment->owner_id !== $user->id)
             ) {
                 $user->notify(new CommentCreateNotification($this->comment, $user));
             }

app/Jobs/TicketCreatedJob.php

@@ -37,7 +37,7 @@ public function handle()
     {
         $users = User::whereNull('register_token')->get();
         foreach ($users as $user) {
-            if (has_all_permissions($user, 'view-all-tickets') && $this->ticket->owner_id !== $user->id) {
+            if (auth()->user()->can('View all tickets') && $this->ticket->owner_id !== $user->id) {
                 $user->notify(new TicketCreatedNotification($this->ticket, $user));
             }
         }