maheralmatari/shield
最新稳定版本:v01
Composer 安装命令:
composer require maheralmatari/shield
包简介
Filament support for `spatie/laravel-permission`.
关键字:
README 文档
README
Filament Shield
The easiest and most intuitive way to add access management to your Filament Admin:
- 🔥 Resources
- 🔥 Pages
- 🔥 Widgets
- 🔥 Custome Permission
Upgrade
To upgrade to the latest release first run:
composer update
v2.x
Note Minimum Filament Requirement is now
2.13.
Before following along, backup your current config first.
-
Upgrade from
1.x- Delete
Shieldfolder fromApp\Filament\Resources - Delete
filament-shieldfromresources\lang\vendor or lang\vendor - Delete
filament-shieldfromresources\views\vendor - Delete
filament-shield.phpfromConfig - Now either follow
Upgrade only
- Delete
-
Upgrade only
-
Publish the
Config:php artisan vendor:publish --tag=filament-shield-config --force
-
Configure: Update the new
published configbased on yourbacked-up config -
Install:
php artisan shield:upgrade
-
Note for Filament prior to 2.13 use v1.1.12
Installation
- Install the package via composer:
composer require MaherAlmatari/filament-shield
- Add the
Spatie\Permission\Traits\HasRolestrait to your User model(s):
use Illuminate\Foundation\Auth\User as Authenticatable; use Spatie\Permission\Traits\HasRoles; class User extends Authenticatable { use HasRoles; //or HasFilamentShield // ... }
- Publish the
configusing:
php artisan vendor:publish --tag=filament-shield-config
- Setup your configuration
<?php return [ 'shield_resource' => [ 'slug' => 'shield/roles', 'navigation_sort' => -1, 'navigation_badge' => true ], 'auth_provider_model' => [ 'fqcn' => 'App\\Models\\User' ], 'super_admin' => [ 'enabled' => true, 'name' => 'super_admin' ], 'filament_user' => [ 'enabled' => true, 'name' => 'filament_user' ], 'permission_prefixes' => [ 'resource' => [ 'view', 'view_any', 'create', 'update', 'restore', 'restore_any', 'replicate', 'reorder', 'delete', 'delete_any', 'force_delete', 'force_delete_any', ], 'page' => 'page', 'widget' => 'widget', ], 'entities' => [ 'pages' => true, 'widgets' => true, 'resources' => true, 'custom_permissions' => false, ], 'generator' => [ 'option' => 'policies_and_permissions' ], 'exclude' => [ 'enabled' => true, 'pages' => [ 'Dashboard', ], 'widgets' => [ 'AccountWidget','FilamentInfoWidget', ], 'resources' => [], ], 'register_role_policy' => [ 'enabled' => false ], ];
- Now run the following command to install shield:
php artisan shield:install
Follow the prompts and enjoy!
Resource Custom Permissions
You can add custom permissions for Resources through Config file.
Pages
If you have generated permissions for Pages you can toggle the page's navigation from sidebar and restricted access to the page. You can set this up manually but this package comes with a HasPageShield trait to speed up this process. All you have to do is use the trait in you pages:
<?php namespace App\Filament\Pages; use ...; use MaherAlmatari\FilamentShield\Traits\HasPageShield; class MyPage extends Page { use HasPageShield; ... }
📕 HasPageShield uses the booted method to check the user's permissions and makes sure to execute the booted page method in the parent page if exists.
Pages Hooks
However if you need to perform some methods before and after the booted method you can declare the next hooks methods in your filament page.
<?php namespace App\Filament\Pages; use ...; use MaherAlmatari\FilamentShield\Traits\HasPageShield; class MyPage extends Page { use HasPageShield; ... protected function beforeBooted : void() { ... } protected function afterBooted : void() { ... } /** * Hook to perform an action before redirect if the user * doesn't have access to the page. * */ protected function beforeShieldRedirects : void() { ... } }
Pages Redirect Path
HasPageShield uses the config('filament.path') value by default to perform the shield redirection. If you need to overwrite the rediretion path, just add the next method to your page:
<?php namespace App\Filament\Pages; use ...; use MaherAlmatari\FilamentShield\Traits\HasPageShield; class MyPage extends Page { use HasPageShield; ... protected function getShieldRedirectPath(): string { return '/'; // redirect to the root index... } }
Widgets
if you have generated permissions for Widgets you can toggle their state based on whether a user have permission or not. You can set this up manually but this package comes with a HasWidgetShield trait to speed up this process. All you have to do is use the trait in you widgets:
<?php namespace App\Filament\Widgets; use ...; use MaherAlmatari\FilamentShield\Traits\HasWidgetShield; class IncomeWidget extends LineChartWidget { use HasWidgetShield; ... }
RolePolicy
You can skip this if have set the 'register_role_policy' => true in the config.
To ensure RoleResource access via RolePolicy you would need to add the following to your AuthServiceProvider:
//AuthServiceProvider.php ... protected $policies = [ 'Spatie\Permission\Models\Role' => 'App\Policies\RolePolicy', ]; ...
Translations
Publish the translations using:
php artisan vendor:publish --tag="filament-shield-translations"
Available Filament Shield Commands
- install # One Command to Rule them All 🔥 - generate # (Re)Discovers Filament resources and (re)generates Permissions and Policies. - create # Create Permissions and/or Policy for the given Filament Resource Model - super-admin # Create a user with super_admin role - upgrade # upgrade shield
Testing
composer test
Changelog
Please see CHANGELOG for more information on what has changed recently.
Contributing
If you want to contribute to this packages, you may want to test it in a real Filament project:
- Fork this repository to your GitHub account.
- Create a Filament app locally.
- Clone your fork in your Filament app's root directory.
- In the
/filament-shielddirectory, create a branch for your fix, e.g.fix/error-message.
Install the packages in your app's composer.json:
"require": { "MaherAlmatari/filament-shield": "dev-fix/error-message as main-dev", }, "repositories": [ { "type": "path", "url": "filament-shield" } ]
Now, run composer update.
Please see CONTRIBUTING for details.
Security Vulnerabilities
Please review our security policy on how to report security vulnerabilities.
Credits
License
The MIT License (MIT). Please see License File for more information.
maheralmatari/shield 适用场景与选型建议
maheralmatari/shield 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 6 次下载、GitHub Stars 达 0, 最近一次更新时间为 2022 年 08 月 06 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「security」 「acl」 「laravel」 「permission」 「roles」 「permissions」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 maheralmatari/shield 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 maheralmatari/shield 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 maheralmatari/shield 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Laravel Multiauth package
Provide a way to secure accesses to all routes of an symfony application.
This package provides a flexible way to add Role-based Permissions to Laravel 6.x
It's a barebone security class written on PHP
This package provides a flexible way to add Role-based Permissions to Laravel
Contao CMS integrity check for some files
统计信息
- 总下载量: 6
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 1
- 点击次数: 16
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2022-08-06