Filament•2y ago•

2 replies

Authorization in RelationManager not allowing to use different model

Hi,

I have a

UserResource

UserResource

with a

TokenRelationManager

TokenRelationManager

.
The tokens use model

Laravel\Sanctum\PersonalAccessToken

Laravel\Sanctum\PersonalAccessToken

.

I have the following header action on the relation manager:

->headerActions([
    Tables\Actions\CreateAction::make()
        ->label('Token Aanmaken')
        ->authorize('createToken', User::class)
        ->using(function (array $data, string $model): PersonalAccessToken {
            /** @var User */
            $user = $this->getOwnerRecord();

            $token = $user->createToken(
                name: $data['name'],
                abilities: $data['abilities'],
                expiresAt: $data['expires_at']
            );

            Session::flash('token', $token->plainTextToken);

            return $token->accessToken;
        })
        ->successNotification(function (): Notification {
            $token = Session::pull('token');
            [$id, $token] = explode('|', $token, 2);

            $this->js("window.navigator.clipboard.writeText('{$token}')");

            return Notification::make()
                ->title('Token Aangemaakt!')
                ->body($token)
                ->persistent()
                ->success()
                ->color('success')
                ->icon('heroicon-o-key');
        }),
])

->headerActions([
    Tables\Actions\CreateAction::make()
        ->label('Token Aanmaken')
        ->authorize('createToken', User::class)
        ->using(function (array $data, string $model): PersonalAccessToken {
            /** @var User */
            $user = $this->getOwnerRecord();

            $token = $user->createToken(
                name: $data['name'],
                abilities: $data['abilities'],
                expiresAt: $data['expires_at']
            );

            Session::flash('token', $token->plainTextToken);

            return $token->accessToken;
        })
        ->successNotification(function (): Notification {
            $token = Session::pull('token');
            [$id, $token] = explode('|', $token, 2);

            $this->js("window.navigator.clipboard.writeText('{$token}')");

            return Notification::make()
                ->title('Token Aangemaakt!')
                ->body($token)
                ->persistent()
                ->success()
                ->color('success')
                ->icon('heroicon-o-key');
        }),
])

As you can see in

->authorize('createToken', User::class)

->authorize('createToken', User::class)

I want to trigget the

createToken

createToken

method on the

UserPolicy

UserPolicy

.

Because of this code in the

InteractsWithRecord

InteractsWithRecord

trait the model of the relation manager gets prepended as an argument:

protected function parseAuthorizationArguments(array $arguments): array
    {
        if ($record = $this->getRecord()) {
            array_unshift($arguments, $record);
        } elseif ($model = $this->getModel()) {
            array_unshift($arguments, $model);
        }

        return $arguments;
    }

protected function parseAuthorizationArguments(array $arguments): array
    {
        if ($record = $this->getRecord()) {
            array_unshift($arguments, $record);
        } elseif ($model = $this->getModel()) {
            array_unshift($arguments, $model);
        }

        return $arguments;
    }

How could I trigger the authorization method to use the

UserPolicy

UserPolicy

Solution

I solved this issue by using:

->authorize('createToken', $this->getOwnerRecord())

->authorize('createToken', $this->getOwnerRecord())

and

Gate::policy(PersonalAccessToken::class, UserPolicy::class);

Gate::policy(PersonalAccessToken::class, UserPolicy::class);

I do not know if this is the best possible solution, but it works

Jump to solution

Filament•2y ago•

2 replies

Proculair B.V.

Authorization in RelationManager not allowing to use different model

Hi,

I have a

UserResource

UserResource

with a

TokenRelationManager

TokenRelationManager

.
The tokens use model

Laravel\Sanctum\PersonalAccessToken

Laravel\Sanctum\PersonalAccessToken

.

I have the following header action on the relation manager:

->headerActions([
    Tables\Actions\CreateAction::make()
        ->label('Token Aanmaken')
        ->authorize('createToken', User::class)
        ->using(function (array $data, string $model): PersonalAccessToken {
            /** @var User */
            $user = $this->getOwnerRecord();

            $token = $user->createToken(
                name: $data['name'],
                abilities: $data['abilities'],
                expiresAt: $data['expires_at']
            );

            Session::flash('token', $token->plainTextToken);

            return $token->accessToken;
        })
        ->successNotification(function (): Notification {
            $token = Session::pull('token');
            [$id, $token] = explode('|', $token, 2);

            $this->js("window.navigator.clipboard.writeText('{$token}')");

            return Notification::make()
                ->title('Token Aangemaakt!')
                ->body($token)
                ->persistent()
                ->success()
                ->color('success')
                ->icon('heroicon-o-key');
        }),
])

->headerActions([
    Tables\Actions\CreateAction::make()
        ->label('Token Aanmaken')
        ->authorize('createToken', User::class)
        ->using(function (array $data, string $model): PersonalAccessToken {
            /** @var User */
            $user = $this->getOwnerRecord();

            $token = $user->createToken(
                name: $data['name'],
                abilities: $data['abilities'],
                expiresAt: $data['expires_at']
            );

            Session::flash('token', $token->plainTextToken);

            return $token->accessToken;
        })
        ->successNotification(function (): Notification {
            $token = Session::pull('token');
            [$id, $token] = explode('|', $token, 2);

            $this->js("window.navigator.clipboard.writeText('{$token}')");

            return Notification::make()
                ->title('Token Aangemaakt!')
                ->body($token)
                ->persistent()
                ->success()
                ->color('success')
                ->icon('heroicon-o-key');
        }),
])

As you can see in

->authorize('createToken', User::class)

->authorize('createToken', User::class)

I want to trigget the

createToken

createToken

method on the

UserPolicy

UserPolicy

.

Because of this code in the

InteractsWithRecord

InteractsWithRecord

trait the model of the relation manager gets prepended as an argument:

protected function parseAuthorizationArguments(array $arguments): array
    {
        if ($record = $this->getRecord()) {
            array_unshift($arguments, $record);
        } elseif ($model = $this->getModel()) {
            array_unshift($arguments, $model);
        }

        return $arguments;
    }

protected function parseAuthorizationArguments(array $arguments): array
    {
        if ($record = $this->getRecord()) {
            array_unshift($arguments, $record);
        } elseif ($model = $this->getModel()) {
            array_unshift($arguments, $model);
        }

        return $arguments;
    }

How could I trigger the authorization method to use the

UserPolicy

UserPolicy

Solution

I solved this issue by using:

->authorize('createToken', $this->getOwnerRecord())

->authorize('createToken', $this->getOwnerRecord())

and

Gate::policy(PersonalAccessToken::class, UserPolicy::class);

Gate::policy(PersonalAccessToken::class, UserPolicy::class);

I do not know if this is the best possible solution, but it works

Jump to solution

Authorization in RelationManager not allowing to use different model

Authorization in RelationManager not allowing to use different model

Similar Threads

Similar Threads

Similar Threads