Laravel Filament Roles and Permissions Full Tutorial

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
foreign [Music] project and add the filament and use where else and permission from the spotty package so first I'm going to open the terminal and I am inside the sides directory and here I'm going to create a new laravel project solaravel new and I'm going to name it a filament rolls okay then if you go to the documentation of the filament PHP to install we need to run the composer or require filament slash filament and the version which is right now 2.0 and I think is SO waiting to update the Live Wire the version 3 and then we are going to have also the version 3 of filament PHP so let's copy this command and let's navigate in the project so filament Dash rolls and let's add this command then we need to make the user and navigate the slash admin and we are going to have a admin dashboard that's it very easy But first you need to have uh the create a database so if I open this with a vs code by default the laravel is going to give us a name of the database the name that we added here but with underscores as you can see here filament roles and let's open the table Plus and I'm going to create that okay here so say new paste that name filament underscore roles and let's open this and now let's run the Artisan migrate so I have an alias for PHP Artisan just a Artisan migrate and then let's copy this command to create a filament user facing here give it the name I'm going to name it admin give it an email address I'm going to say admin example.com add the password and I'm going to say password word and let's say no for now and we are okay now if we navigate here to the project and because I have installed the I can open the project using filament Rose test and yeah here we have the project and now if we navigate sorry to the slash admin we need to sign in and we have a nice admin panel so let's navigate in here the other slash admin we need to log in with the admin example.com and add the password and yeah now we have the admin in a minute so let's reset this just have something like this and right now is empty we can sign out we have this welcome and sign out also and the documentation and GitHub for the filament and that's easy is to create the admin panel with filament which is very popular in the laravel community and we are going to use the plugins and let's filter by spotty and here we have the roles and permission and this plugin is not by spotty is by this uh user but if you go to the visit GitHub and here he said this plugin is built on top of a spotty permissions package okay so we need to install the spotty permission and we are going to use this one okay friends that's it about this video and see you in the next one all the best thank you very much [Music] Hello friends welcome in this video we are going to install the plugin and if you go here to the filament PHP and in the plugins and I'm going to add a filter by spotty and here as you can see we have one filament authentication here which has user role resource management we have also this one which is a Shield roads and permission and I had a comment here why I'm not I'm not using this one because in the previous video I said I'm going to use this one here and if we see this has more Stars than this one but I'm not going to use either this one or this one I'm going to use the spotty roles and permission and I'm going to create myself with the resources because this uh plugin is just going to create resources as you can see for the spotty permission so let's go to the spotty permission package and I'm going to go in inside the documentation and let's install in laravel let's copy this command and I'm going to navigate it in our project okay let's open the terminal and paste that command in hit enter then we need to run the PHP Artisan Vector published okay after this one optimize clear and the last one is the say PHP Artisan migrate so let's say this one very good now what I'm going to do if you go basic usage first we need to add the as user has roles in the user model and let's do that so let's open the user model and in here at the trade has a roads and make sure you import the trade here from spotty permission trades as a role let's save and let's close this one then the create a role we need to say rolled create name and give it the name also the same for permission permission create and we need to specify the name and what I'm going to do if we go in our project and inside the database seethers here I'm going to create one role which is the super admin role or just admin you can say let's say on the admin I'm going to create this one here and let's import the role from spotty permissions permission models role also I'm going to create a user so that I'm going to uncomment this and the name of the user is going to be just admin and let's say here admin example.com now the password is password if you go inside the factories user Factory here we have the password which is read this hash string which is returning the password okay so now we have created the user and let me remove this one and import the user model app models user and I'm going to assign a user variable to this one and we have the user we have the role I'm going to assign the role admin so let's say admin to this one to this user so let's say dollar sign user assign a role dollar sign rule okay and if you go here uh using permissions via roles yeah here we have user assign role and give it a name in this case I'm with the sale because we have the role here or you can say just admin and with that now what I'm going to do I'm going to Fresh the database so I'm going to delete the user and create this one user create the role and assign this role to the to this user so that's it here artisan migrate fresh there Dash C okay now if I open the project which is this one and let's navigate in the slash admin we need to login with this user so the admin example.com let's copy that and let's uh add the password and yeah here we are that's okay but if I'm going to create another one and let's say this is going to be user one and let's create another one down there who is going to be the user too and this user 2 is just going to be a test user and also a test here and I'm going to assign the role admin only to the user one okay and for this one we don't need to assign it here with a variable so just create another one here let's save and let's run again the PHP art doesn't migrate fresh that's their seed come here and refresh we are logged in let's sign out and let's login again but let's try login with this one so as a test example.com and add the password and yeah we are here so we can if we create another user we are going to ask to access this admin to prevent this one let's navigate in the filament PHP and not inside the plugins but in the documentation and here we have the users and authorizing access to the admin panel we need to add the implements filament user in the user model and create this uh method inside so only the user who has the admin which ends with something like this and has verified the email this is going to access that and let's uh do that so let's copy this and let's say implements filament user so let's navigate in the user model again let's say implements filament user okay and down there I'm going to create that method and now let's say where this email ends with a we don't need to say with example.com because both of them has example.com but what I'm going to do I'm going to say return and remove everything only if this which is user has the role and the name of the role is admin and let's save this now let's navigate back and let's refresh and now we have forbidden Let's uh log out so I'm going to go to the application filament and let's clear and let's login now with the admin user so again I'm going to remember this now adminexample.com and add the password and let's say sign in and with admin we have access to the dashboard okay friends now only the admin user we hear which is this one we created with a Cedar so whenever we are going to install this project we are going to run the artisan see it and create these two users or you can remove this one and create only this one but I just created this to show you only the admin user which we are we given this role as access to the admin panel right now okay friends so that's it about this video I hope you enjoy and see you in the next one all the best thank you very much [Music] Hello friends welcome now in this video I'm going to create a resource for the roles if you go here to the filament PHP in the documentation we have resources here and you can read for all of them but to create a resource we can copy this command here and run in our terminal so I'm going to open the project open the item first and let's navigate in my sites directory and CD in the filament roles now I'm going to open with vs code okay and in here I'm going to open the terminal and paste that command in but I'm going to create for the rows so let's change the name from customer to say a road so PHP artisan make filament Dash resource is the command and the name is role hit enter and now we have the successfully created World resource and inside the app we have now the filament here which has the role resource class and also we have inside inside the role resource folder we have the create edit and list roles classes but we are going to work only with this one so the role resource and we here we have the model which is the role class but and this role is coming from App models role we need to change that because this is going to come from the spotty so let's remove this and let's import the rows from spotty so from the spotty permission models role like this and now here we have okay and we have a form which is going to is going to change in that schema and we are going to add some Fields here and then we have a table filters actions and uh both actions now if you don't have used the filament before I have a tutorial in my channel so you can find in the description in the list of playlists I have also for the filament so go and check that and let's open the filament here and if we go inside the form Builder what we need for the role we need only the name so let's which is going to be a text field and here we have a fields and let's see the text input now here we have an example of text input text input make give it a name in our case it's going to be name is email or not is numeric or not his password or not telephone and URL so I'm going to copy this one which is for our needs mean length of 2 and max length of 255 so let's copy that and let's open the vs code and inside the schema we need to add this one and we need to import the text input okay and we have imported the text input and let's save and let's see now if we go to our project refresh we have roles here new role and yeah we have this uh name and we can create a new role now first let's go back and let's display the rows here for that we need to use the tables Builder so let's scroll up and here we have a table Builder and we want to display the text column so we can see here the text column and here we have an example so let's copy that and let's open this roller resource which is inside here this is for the form and this is for the table which returned the table and the columns inside here let's add that text column and we need to import that text column here just make the name not the title you need to give the name and let's see now if I refresh as you can see we have the admin okay and if I click edit we have admin here and we don't need to create another uh form here we have this one which is going to work for create and for the edit so let's go and create a new one and let's say for example uh brighter okay so here we have create and create or create another let's click click the create and we have created now as you can see we have the notification and we redirected back to the edit page as we can see we have the edit role here now if you go so when we create it's going to return redirect to the edit go back we have the admin and writer let's create new one and let's say a user and let's say create yeah we already created and we are in the edit mode to go to the rules and now we have three of the roles and we can edit as well so let's go to the user let's say user uh updated save changes saved go back to the rows and yeah we have the user updated okay this is for this video I hope you enjoy and see you in the next one when we are going to create the permissions so see you there [Music] Hello friends welcome now in the previous video we worked with the Royals resource we display here the only the name and we can change that also we have here to create a new role and we have this name and we are going to change this to have more good looking for we're going to add a card and maybe uh ID and create a DOT or update it out here also maybe a source if you like and the delete button in here instead of to delete we need to go to the edit and delete now to generate a resource we run this command which created the resource role resource class and also the road resource folder which has the pages folder and the created end list roles we have a simple flag by creating a resource with a flag simple which is going to create only the resource role role resource class also we have this the entire text generate with which is going to generate that the same with a resource but is going to populate the form and the model also we have here with a soft deletes if you want a like but if we use right now this one it's not going to populate the the form because the so in this video we are going to work with permissions and let's do this let's copy this command here and I'm going to open the terminal and paste that in and install and let's create the permission it's not going to create the form and the table because the permission is not in our models so this is in the spotty models and let's do that let's clear just test so if I paste this one just instead of customer let's say permission and let's say generate okay let's go in the filament we have permission Resource as you can see is empty because the model we have permission here and is looking for inside the app model's permission but let's generate also one more for the users and change the model from permission to say user hit enter and now let's see the different here if you go to the user resource in the form now we have all the fields because it's going to look inside the user model it is going to find that the the fields we have there okay now I'm going to go inside the role resource and copy this text and not inside the permission because it's going to be almost the same Also let's import this first and I don't know why this shortcut is not working in my editor but let's change also the permission model here remove this and import the class from spotty permission models okay and then go back and just copy this text column make and paste inside the table also import this one and let's save let's go in our project and if I refresh now we have roles permission and users and let's go to the permission we don't have any permission let's create a new permission let's say uh create posts and we're adjected here if I go to the permission yeah we have the create posts here okay if I go to the user we have the name email verified and the password and here we have also the create a DOT and updated that so let's go to the users and we have two users here with all the fields when we update now as you can see we have this is required but if we want I want to update for example only the name or the email and don't update them password this is going to throw an error so yeah we need to require this we need to change this one but let's work in the permission so let's and also in inside the text in the form let's make this required we're going to chain the required here okay and also change the unique we need to be unique this one so if I save and let's go and create this create post again so let's say create posts and the name has already been taken and if I say again here yeah it's going to create now if you don't like the redirect bug you can let's search here for the redirects and we can change that for example here so we need to add this method in the create page on the create page class so let's copy that and let's navigate in the permission create page here and paste that method in and let's save it and let's see now if I let's delete this okay and let's create a new permission and let's say new create and now we're redirected back also let's do the same in the roles create paste that in hit save and also in the users create because I like the redirect of the index now I said in the previous video if you don't know more about the filament I have a full tutorial in my playlist in the description so you can check that or you can go and visit this filamentphp.com and read the documentation for what you like and also have the search here to search what you don't know okay so we have the we can create a user let's go and just test this user now test test at test dot com and add the password Here and if I say create yeah we have that but the email verified that is not displaying here and we can edit but edit as I said so if I say edit we need to add the password and we need to work with this and we can delete yeah okay friends uh one more thing here uh if I go and create I want to add a card and if I come here so for Builder because in the form we need to add a card and if you go to the layout we have the card here so to add the card you need to add this card make and at the schema also can change the columns so let's go in the I'm going to add to all of them so inside here I'm going to say card from filament form components make and change the schema here which is going to be an array and inside of verily we put that one okay now here we are in the permissions and if we go now in the permission new permission as you can see we have this card here and let's do the same in the roles so let's add the card and say make and change the schema it's going to be an array with or all of our fields in this case we have only one and the same in the users so let's add the card say make and schema add an array with all other fields inside and let's say save now go to the rules card table does not exist I think we have in their own resource and we have added this in the table mining my mistake here in the form and not in the table and let's save okay let's go new role yeah let's go to the users and the same I think we have done in the users are here inside the table I have moved the okay and refresh let's see new user and now we have this nice card here also we can change that uh columns so let's add inside the users The Columns to be true and now if I refresh we have two columns okay friends that's it about this video I hope you enjoy and see you in the next one all the best thank you very much [Music] Hello friends welcome and the first thing in this video I'm going to change this required in the password when we edit the user and if you go to the vitamin PHP and go to the tricks here and just let's search for the password and here we have an example a hashing password field and handling the password updates from the then you have a password field like this and you won't have the password when the form is submitted we call the date rate paid using callback function and in the state and say hash make okay but you don't want to override the existing password if the field is empty and we call here the dehydrated if the field have state and also here for the required you won't require the password to be filled on the create page not on the edit but this need to be updated to this one so required other function at the page here which is going to be the Live Wire the create page and if the Live Wire is instance of that create user in our case not create record but create user if that is okay it's going to be required otherwise not going to be required so let's copy this show here and let's open the vs code inside the app element user resource when we have a password after the password let's add this tool and let's import the hash okay the class has imported and now let's add this to the to the required so here when you have the required paste that in import the page and as I said this is going to come from the filament resources Pages page and is create user now if this is create user it's going to be required and let's see let's come here and let's refresh of course we need to save this one and now pretty fresh yeah we don't see the oh if this is required but if I go to the users and let's click say new user and here is a required password we see the red asterisks here okay next uh go to the permission and go to the rows we have only one role and let's create a new role let's say for example writer okay and we are directed back as you can see we have here created as a notification if you don't like you can change that and also when we update so let's update this let's say updated save changes if you don't like to see the stay here and see this notification you can change so we can redirect to the index and also change that notification now for the notification we can go to the documentation here and resources so when you create create an records here we have a customizing the save notification and we can add this or if we create another records in a model we can just call this create action make and then change the success notification title in our case we use pages so let's copy this and let's navigate for the roles in the create role and paste this one and say for example Road created instead of just save yeah let's go also on the edit role or in the permission create first and paste it here and let's say permission created here save close this one and the same thing in the user I'm going to do and let's say you is a registered okay save and as I said we can do the same thing when we update so let's go to the edit and paste this in here get redirect URL and get the URL index save close on the edit of the role the same thing save close and on the edit of permission I'm going to do the same thing now for the notification on the editor records we can they get set get saved notification title because in the grid we said get created on the edit is get saved notification and let's say user updated or in this case is permission update you can change what you like let's go to the role and let's say a role updated and in the user also user updated okay very good now if we go to the roles and let's update this and I'm going to remove this one and let's say save changes we say role updated and we redirect to the index very good and the same thing we can have for the permission so let's say uh for example or create posts create posts like this say create permission created and we redirected the index very good now with the filament you can edit almost everything so let's for example I want to have users up here then rolls then permission so if you go to navigation let's say Get It Started and here we have the navigation sort so let's copy this and I'm going to go in there user resource and up here I'm going to say navigation sort and this is going to be the first one and also you can change the hair icons so for example here I'm going to add users or User Group and if I come here and refresh as you can see we have users here and we have changed that icon and this is using hello icon so if you go to the Arrow icons.com and for example let's change also the routes and permission and further roles let's say I want a I'm just going to pick some I think fingerprint yeah yeah I'm going to use fingerprint so let's search for yeah fingerprint here so I'm going to copy this name and go inside the role resource and paste that here for the permission I'm going to use the key yeah here we have key and let's go inside the permission resource and add to the key now also let's add the navigation sort as I said the users I want to be up here then then rows then permissions so go to the role and add this one which is going to be two save because of the permission is going to be three and now let's save this and let's refresh here we have users roles and permissions we can group them all together if you would like so for example let's go to the vacation and group navigation we can add a group all of them in these settings for example let's say let's go here save and let's go here and save and now refresh we have here inside the settings the user's roles and the permissions okay friends that's it about this video I hope you enjoy and see you in the next one all the best [Music] Hello friends welcome back now in this video I'm going to change the tables and also the forms little bit so for example in the users we have the name email email verify that and they created that and updated out here and the edit and for example if I want to delete the user we need to go to the edit and delete but also I want to add a delete button here and remove for example the updated out okay and maybe other search here so let's open the vs code and let's navigate in the filament user resource down there when we have a table we have the name and let's remove this updated as I said and now the name I'm going to make a searchable name also the email so to make that we need just to say the chain of the searchable here and the same with the email so let's say searchable okay for the created ad and for the email verify that I'm going to make them sortable so let's say third table like this and the same thing here just I'm going to remove uh move this after the date and time and this one also after the date and time say store table and let's save and let's see how it's going to look yeah we have a search here and the email and create that is email verified and created that is uh sorry about okay so we can search for example for admin and we have only the admin here good now let's add also that delete button in the actions we have the edit action let's add also the delete action so I'm going to copy and paste this and just change the X into B the delete action hit enter save and let's come here and refresh and now we have this delete here and if I want to delete confirm that and we deleted the user okay I think we are okay now when we go to the to create a new user we need also to add roads and permissions for example the user I want to add the role as a writer so he can write a post uh editor post and delete a post for example or we can add only permissions so for example only to create a post not edit and delete so if we want now to add all the permissions to the roles if you've got a laravel permissions package with laravel permission and here we have a spot the introduction Okay so using permission via rules we can assign so adding assigning permissions to roll we can all give permissions for example to edit articles or delete articles so what I want to say let's go to the roles first and here we have the writer and I want to assign to this writer the permissions create edit and delete both so let's create a new permission and for example here let's go back we have this create post and if I say again I create post post the name has already been taken okay let's say edit pause and one more for the delete both so let's say delete and maybe let's Zoom it like this delete post and now we have three permissions now all the state permission I'm going to add the the overwriter here so for that let's go to this writer and when we update also I want to add uh relationship select a relationship here down there so if you go to the PLS so here I have I am inside the form Builder and select inside the field select the select build and we have examples but also we have examples for the relationship so populating automatically from a relationship and here we have a relationship for the one to many or multiple like this and I'm going to copy also the preload because I want to reload the PLC for example let's just copy this one right now and let's navigate inside first inside the role resource here when we have a form card make and we add a text input or name mean length and max length after this one I'm going to add the select and also let's import the select just change the technology has to be permissions multiple yeah I mean I want to add multiple and relationship is permissions and I want to display the name here and if I save and let's go to the project and refresh as you can see we have permission here as a select and if we want to start the type the search if I want to preload now we need to add this to change the preload in this one and let's save and let's try again refresh now if I just select here we load the permissions and for example I want to add this one this one and this one and if I say save changes we are directed back and if I click the writer again we have all the permissions here okay so now if I want the add this permissions all the permissions to the row to the user we just need to add to assign this role to the user instead of all the permissions this is the idea why I added the permissions to the role okay now for example here if I go to the roads and let's create another role with as a writer we need yeah now right already already exists so we need to add that validation in the text input and we need to say also the B unique so let's say unique like this oh sorry we need a chain unique and save come here and refresh create a new your role in it if I say writer and just let's say create the name field the name has already been taken good but if I go back and let's go to the writer and let's update this so I'm going to remove the permissions and save changes now we have the name has already been taken if you go to the validation for The Unique here we have an example we need the ignore the record so unique and ignore record that's true if we say that so if you're using the admin panel you can easily ignore the current record by using ignore record instead and let's save right now and let's go and see again if I refresh so I'm going to remove now all and save changes and we rejected back so we are okay good and I think the same thing we need to do in the permissions if I see the permissions oh yeah here we have the unique and let's add the ignore record true and now here as you can see we have only the also in the roller Source only the name let's display also the ID and the Creator Dot so what I'm going to do I'm going to add here the text column and I'm going to say make and I want to make a text column for the ID which is going to be a sortable okay and maybe let's add also the created that so inside the user resource we have that and let's just copy this and paste it inside here and if I save and let's go here and inside the roles now we have the ID which is sortable as you can see and the name and the create a DOT Also let's add the delete and if you don't like this date here date and time you want for example only the date in the date and time we can add the date day amount and they are like this and for example if I refresh yeah now we have a little date okay and as I said let's add also the delete button so the same we did for the users let's copy and paste this one and change the accent to be the delete action save come here and refresh yeah and let's do the same thing now for the permissions let's add the ID the created out and the delete button so I'm going to copy what we have here go to the permissions and paste it here and let's add also the delete action here so let's say delete action and Save and refresh and we are okay okay friends that's it about this video I hope you enjoy and see you in the next video when we are going to add the role star sign roles and also assign permissions to the user so see you in the next one all the best [Music] Hello friends welcome now in this video let's add the roles and permission here so we can assign roles or permissions and also revoke them to do that I'm going to go first in the roles and oath resource and up here we have added the permissions relationships so let's copy this one and add inside the user resource we have a form and that's right here just add a comma add one more this is going to be for the roles and relationship is going to be arrows like this I'm going to add four components here not import them and let's refresh now as you can see we have roles and permissions if I select to the edit user and I want to add for example admin save changes okay go and yeah we have the admin here and we can remove that right now if we go in the models user model we added this method all right so I can access the filament and only the user who has a role admin can access now this admin panel right now we added also to the edit user to the test user a role admin so if I log out and log in with this one we can have access to this admin so I'm going to log out and let's login with a test example and yeah we have uh accessed to this one okay now for example I want also to have let's click go to the roles we have a writer and I want also the writer the user who has the writer wrote have access to this admin panel for that let's go to the users and let's create a new user and I'm going to name it a a writer this one and let's say writer example dot com at just the date here and add the password I'm going to add writer role and let's say create very good now this writer has the role writer if I log out with this one and let's login with the writer at example.com and add the password I think like this here we have for all three for beta but we can add an array here and they if the user has the role admin or for example in our case writer and let's save this now come here and refresh yeah we have access we are writer here and we have access there admin pen but if I go to the rows right now and for example I want to delete this so let's delete the admin now okay yeah delete it and of course if I log out and let's login with admin here we have forbidden because they're all admin do not exist so for that we don't have that role on what I want to do in this video also I want to hide the old admin from the list so no no one can access I can delete that either the admin so for that let's run The Artisan migrate left territor seed and come here refresh yeah we have access now and let's go to the roles we have only admin let's create the writer role and let's say create now I want to hide the admin role from here only the admin role so no one can delete that admin because I want the user who has the role admin to have access the the admin panel for that if you go to the filament PHP and here we have an example for multi tenancy and we need to add this public static function get eloquent query Builder we should return the Builder and here we can add the workloader so let's copy this and let's navigate inside the role resource and at the end I'm going to add this method just instead of where belonged to the out user I'm going to say where and say where the name is not admin okay where the name is not admin and that's it so by adding this one we're going to show all the roles except the role where the name is admin so if I come here and refresh we have only the writer we can edit and delete this or all other roles but not the admin and now we are okay I think for our admin role that's it about this video and see you in the next one all the best thank you very much [Music] Hello friends welcome now right now anyone who has access to the admin panel can uh create a new user edit a user delete or the same for the role can create new role edit or delete role and for the permissions the same thing and now I want to change this one and if I open the vs code inside the app models we changed what user can access the filament admin panels or the user who has the admin and writer role can access that and that's okay but for example I want only the user who has the role admin the created it and delete user created it and delete the roles and permission the same thing the writer I'm going to leave only for uh a post I'm going to create a post model in the next video and leave it only the access to the Post for that if you go to the filament and let's go for example here we are inside the admin panel and let's go to the resources and listing records and we have the authorization here for authorization filament will observe any modeled policies that are registered in or application so for example the users May access the list page if the view any method of the model policy returns true and let's do that let's go inside the laravel.com documentation and the create the generator policy we can run the PHP artisan make policy and for example here we have a post policy and we can add also the model post and let's copy that and I'm going to open the terminal inside here and paste that in just I'm going to change the model and the name the B user and the model is going to be user so I'm going to work with the users right now as you can see we have Pro 3 forbidden because we created the policy and the view any is not returning true which we have here so user Max has the list page of if the view any method of the model policy returns true and right now we created that policy but this is not returning true and as I said I want only the user who has the role admin to have access to the users so for that I'm going to say in here in the user policy view any method we have inject the user and I want to return if the user the user has the role admin now if the user has a role admin is going to return true otherwise it's going to return polls and if I save this we need to go inside the provider in the out service provider to register this policy so let's come here and let's say user model and yeah add the user policy here just we need to import this user policy and let's save that okay so import the user model and user police here and with that now if I come here and refresh yeah we have access only as you can see right now only the list the users because in the user policy we have returned true only in this view any now for the edit and delete because right now we don't have the edit button and delete also the create one let's go up here in the filament PHP inside the resources let's go to the creating record authorization and now on the create method we need to return true use and access the create page if the create method of the model policy return true so let's come here I'm going to copy this and here we have the create method and let's paste of that then if I save and refresh as you can see now we have this button very good and is the same for the update I'm going to say only the user who has the role admin and for the delete and we don't need I don't need this one and also either this one so let's save this and come here and refresh and now we have the button to create new user edit and delete a user so let's delete this confirm and we delete it okay friends that's it demonstration or we can use the roles the protect the user model in this case and in the next video I'm going to work with a post model as I said so see you in the next one all the best and thank you very much foreign [Music] welcome back right now we are logged in as a admin user and we have access to create a new user edit and delete users for the roads we have towards the admin and the writer and the admin we hide from the table here and permissions we don't have any permission right now let's create a new user I'm going to create new user I'm going to say writer user I'll write our example.com at the for today I'm going to add password and I'm going to assign the writer role let's say create okay and now this writer can have access to the admin panel but not to the users the edit and delete create new user only can see the users here or also we can hide them but I'm going to leave to see the users for the roles can I'm going to hide the roles and permissions just can see the users and also I'm going to create the post model and the writer can create edit and delete posts but for now I'm going to hide the roads and permission from the writer and also just leave to see the list of users so if I log out as find out as admin and let's sign in as a writer okay yeah right now we don't see the users and we see there always have a mission so I'm going to hide the Roadster permission and show the users okay here inside the user policy when we say view any we check return if the user has the role admin but also I want the because this view any is the display the list of users we see in the previous video so let's also add an array here or the admin and for the overwriter so the writer can see the use user list if I save now and let's go back and let's refresh as you can see we have users here now and we can see the users but we can not delete them or create new user and so on now let's hide the roles and permission but better roles and permissions are not or model is from Spa TV package so for that what I'm going to do because if we go back and let's see here so for the authorization we can see filament will observe any model policy that are resisted in our app and if we create a role policy is going to see if we have the model role in our models directory so let's do that let's create the policy first and here we have an example and let's copy this one open the terminal and let's paste this just change the name to be from post to be uh role and one more for the permission okay very good now if I come here I know fresh as you can see we have the roads here and also the permissions and it's not returning true from uh create or from view any and what I'm going to do to protect that I'm going to create a model role and a model permission in all models directory so let's open again the terminal and let's say artisan make model roll and also make model permission and now we have a permission and a role here go to the role and instead of extending the model what I'm going to extend is extend the role from party permission models models role like this so use party permission models role as models role and we extend that save close this and for permission the same thing instead of the model we extend the permission from spotty and let's save close this one and of course right now nothing happened because the roles and permission are foreign source so let's go here and go to the permission first and we have the permission class which is from party permission models permission but let's remove this and let's now import or app models permission OK save this let's go to the role and do the same thing here remove the roll imported from spotty and import or app models role save come here and refresh now we have forbidden because we are inside the permission and let's go back and as you can see we have only the users if right now for example yeah we have the list of the user and let's log out sign out and let's uh signing us admin also we don't see for the admin so for that we need to go in the policies permission policy and view any we are going to do the same thing we have done in the user policy so let's copy this and paste here but for the role I'm going to add only the admin right now so let's remove the writer and let's copy this and for create also only the admin for the update only the admin and for delete only the admin save go to the permission the same in here not the view but for the create update and delete and save come back refresh we have roads and permission here we have roles we don't have any permission so let's create a new role and let's say for example I'm going to create a moderator role create we created the modulator good let's go and create a permission let's say uh create posts and yeah so everything works correctly and now we only the admin can see the rows and permissions and also can edit the delete and create new user but also the writer can see the users only can see the table of the users okay now let's create a new user and I'm going to create the modulator user so let's say moderator examples I'm going to add date for today I'm going to add a password and let's add the moderator roll create okay and what I'm going to do now the moderator can have access to see the roles and permissions and also the moderator can edit and create a new user so let's do that let's sign out and let's sign it as a modulator foreign because we need to go in the models user model and here we can say also a moderator can access that and if I refresh yeah but the moderator right now don't have access to the user either the table sorry to the role or permission so let's change that let's go in the permissions and as I said the permissions let's say the moderator can only see the permission and here I'm going to say also the moderator can have access to view any who is going to return true if the user has the moderator role and it's inside of the Royal policy the same thing the modulator can view that and if I come here in early flash we have roles but just to see them and permissions just the Siva now for the user let's go in the user policy for the view any also add modulator and I'm going to copy this because I'm lazy for that and just also to create a new user I'm going to add the modulator to update the user but not the delete just leave the users create and edit let's save this come here and refresh and now we have users here and we can see you can create new user and can edit the user but not delete now you can play with the roles and permissions but this is just an example to show you what we can do with rows to protect also the role in and permission from spotty uh package that's it about this video and see you in the next one friends don't forget if you like like the video and subscribe to my channel foreign [Music] welcome right now I'm loggin as admin and with admin we have the access to create new user edit and delete users roles the same thing and permissions for the same thing we have the admin user writer and moderator here in this video I'm going to create the post model and the resource so let's open the vs code here and I'm going to close this one and open the terminal here and let's say our design make model and I'm going to name it post okay also we need the post migration so let's delete this and because I forgot to create the migration so let's say Dash and for migration okay and let's open now that migration here and what I'm going to I'm going to add on the title because this is not so yeah here we have title and content very good let's save and let's close let's run the Artisan migrate now Artisan migrate very good and let's go also in the post model and add here the protected billable but just we need to change the body to be content like this okay and let's create the resource so artisan make filament Dash resource and I'm going to name it uh post resource very good and if I open here and refresh we have both right here and if we go to the create new post we don't have a field so we need to add and let's go inside the filament and inside the user I'm going to copy first that table because I'm going to display only the title so inside the table let's add this and change this to be title okay and for the bar Also let's copy the first one for the name and I'm going to add first we need to add the card from filament form components card make and then we need to change the schema here add an array and paste that in paste this one what we have copied from here just change from name to B title okay let's come here and let's refresh and yeah we have the title but we need also the content so let's do the same thing for and instead of text input I'm going to add the let's go here in the filament PHP and form Builder we need to be not text input but text area like this and yeah let's say text area make description and paste it here and let's say required okay let's change the required here and let's save go to post and we have the title and the description very good and right now we are admin we don't have any policy for the post so we can create and post let's say create content oh yeah we just need to say content here I forget to do that and let's refresh and let's type something let's say create and create it and yeah we have the title here now let's do the same thing with the poll so when we create I want to redirect to the post lists so for that I'm going to go inside the Royal resource create and copy this also let's copy this one and go to the post create and paste that in so we are going to redirect the index URL and we're going to say when we create a new post created let's close and let's go in the edit the same thing I'm going to copy from here and paste in the edit post and say post updated okay let's say new post and with the save first post if I write correctly and just add something here create we address post created and we reject it here and if I edit this one so let's say second post save changes okay post updated and we updated the title here and if we search for the second post we have only the second post this is how we can create a resource you know right now I think now I want to create the policy to protect this post right now we are logged in as admin and let's come here open the timing I didn't say artisan make policy I'm going to name it post Ed model wouldn't be post enter okay and now if I refresh we don't see we have forbidden purpose and we don't see the post right here because it's not returning true on the post policy either in here or in other methods and that's it going to be for the next video so I'm going to leave as it is right now and you can challenge yourself how to fix this for example the admin can create edit view all the posts and delete the modulator also can created it and delete post the writer can only write and update create and update the post not delete and so on okay so see you in the next one all the best thank you very much [Music] Hello friends welcome back now we are logged in as admin and we created the post model post migration and the post resource but we don't see that post resource here because also we created the post policy and we leave it empty the post policy right now we have post policy here yeah all the methods it's not returning true or false so with that we are going to use to work in this uh video first the admin user can see posts can edit create new one and delete both the modulator also can see all the posts can create a post can edit and get delete and for the writer I'm going to just uh create and edit both and see all the boss okay so let's come here and let's go inside the user and I'm going to copy this one here and paste it here and as I said the admin and the writer and the moderator can view them now for the create I'm going to say the admin writer and moderator for the update the same thing for the delete only the admin and the moderator let's delete also this one and let's save right now from here and refresh we see the post because we are logged in as admin we can edit and let's also add the delete button here to do that we need to go in the filament post resource and here when we have actions we need to add that so I'm going to copy this and paste down there and change the edit to be delete action and just I'm going to add right here and refresh here we have the delete okay now the same thing we have for the modulator if I log out so let's go to the users and we have the moderator moderator example.com and writer writer example.com so let's sign out here and sign with moderator add the password sign in and we are signing as a modulator go to the Post we see all the post new post edit and delete okay let's sign out and let's sign in as uh writer at the password go to the Post we see all the posts we have the edit and delete and create new post for the right about the delete I want to remove so for that in the delete just remove the writer here and save come here and refresh and now we don't see that okay this is for the roles now in the next video I'm going to work with the permissions right now we have worked only with the roles okay so see you in the next one all the best and thank you very much for following me [Music] Hello friends welcome back now in this video we are going to work with permissions and right now we have only the create post permission and inside the rows we have the moderator or writer and the admin which is not showing here at the moderator doesn't have any permission yet and also the writer yeah now what I'm going to do just to demonstrate to you I'm going to create a new user here because I am as admin here and let's say just a test user test past example.com let's add that today and I'm going to add the password I'm not going to assign any roles to this one only the permission which is the create post and let's say create okay now I'm going to sign out and assign a sign in with this test example.com this as a no this has only the create pause permission and we don't use that in our app yet so let's say test example.com and add the password right now we have forbidden first okay and let's go in our code set the models when we have the user model and we have this scan access filament I'm going to uncomment this and leave all the users the C right now that when we are going to change that later okay and also we need to remove this implement and Save go back and refresh and yeah here we are but we don't see nothing and because we are as a test user what I'm going to do I'm going to add the ability to see the this user which has a create post to see the post and also to create a new post so for that we need to go in the post policy and in The View any here what I'm going to do I'm going to say the check if the user as the role or the user has that permission create post for that I'm going to create an if statement here and if the user and just let me move this line of code inside here if the user has a role admin writer or modulator or I'm going to say or the user as permission to create posts like this and if that is true I'm going to return true otherwise I'm going to return both and the same I'm going to do also on the create and let's see go back refresh yeah we see the pose and we have the ability to create a new post here very good so let's create a new test post yeah everything works correctly but that's it's okay but uh as you can see with check if the user has the role or the user has permission and if you go to the the level permission in the documentation we can see a best practice role versus the permissions and here we have rows can still be used the group permission for easy assignment of the user moded but we have an example here users have roles we assign arrows to users and roles have permissions and your app please check for permissions not roles so for that what I'm going to do let's go back and I'm going to sign out and sign in as admin and let's go to the roles modulator and I'm going to assign create permission create posts permission save changes let's go to the writer and also here create post but also let's create more permissions create and delete so delete post and also update both let's say uh update pause now we have three permissions let's go to the roles and the moderator also I'm going to add the delete and the update and now we have create delete update posts save changes go to the writer the same thing not the writer I'm going to just add the create and the update us now the delete good now in the post model instead of checking if the the user has a role I'm going to check only the user if the user has permission to create posts and can create the post or here The View Also let's create a for the view let's go to permission and new permission I'm going to say View posts and let's add also this permission the moderator and also the writer and with that now we are going to do in the view any just willing to check if the user has permission to view posts is more simple and let's do the same thing here just in case okay then the create post we just check if the user has permission to create posts here if the user has permission the update the post or edit the post we can say and for the delete we can say if the user has permission to delete the post save come here and refresh right now we are admin as you can see here and we don't see any post because the admin role doesn't have the permissions but for that we are going to make some changes let's go here so in the spotty level permission documentation and go to the defining super admin and here I'm going to copy this line and we need to go in the alpha service provider and add in the boot method at this line of code so let's come here providers our service provider and in the mood method we need to add gate and we need to import the gate oh yeah we have here okay so okay gate before a closure we get the user and return if the user has role not super admin but just admin and with that now if I come here and refresh we have the posts so all the permissions is going to belong to this user so this user is super help me have all the permissions okay now let's sign out and let's sign in with the moderator let's add the password sign in let's go to the Post as a moderator we have the edit delete and create new posts and we see all the posts good let's sign out and let's see us the writer passive writer we have we see all the posts we have the new post button and the edit not the delete so very good and let's sign in as a test user now for last time add the password and as a test user we don't see either the we don't see the post here because we don't add it the View posts permission to this user okay so let's go and log in as admin so here are the users this test user has only the permission to create a post but not to see all the posts or to update and delete so let's say also he can view posts and save changes now if we go and sign in with that user so with a test user this user can see the post and can create new posts only and you can play with the permission now this is the tutorial how we can use the spotty laravel permission package with uh filament admin panel I hope you enjoy and see you in the other tutorials all the best friends and thank you very much for following me
Info
Channel: Code With Tony
Views: 27,506
Rating: undefined out of 5
Keywords: laravel, vuejs, livewire, laravel 8, laravel crud, laravel 8 tutorial, laravel 9 tutorial, laravel filament, laravel filament tutorial, filamentphp, laravel roles, laravel roles and permissions, laravel filament roles, laravel filament permissions, laravel filament admin, laravel tutorial, laravel filament relationship, laravel admin panel, laravel full course, roles, permissions, roles and permissions, customize navigation, filament resource, spatie permission tutorial
Id: bF04VPI68sg
Channel Id: undefined
Length: 110min 41sec (6641 seconds)
Published: Wed Jan 04 2023
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.