How do I only display data related to the model loaded into the panel?
Alright, i know this has been discussed before, but I am having difficulty finding the resources again. I am trying to use Filament to handle the settings pages for my users and groups in my project. I'll just discuss groups since the concept is the same in both.
I created a GroupPanelprovider,
So first question is where do i limit this to only display the information related to the group.
Access should be granted only to users who match Group->owner_id or is a group_admin
as defined in group_user table where role_id = 5 or 7 (referencing roles table)
I created a middleware for this (not sure if correct, and not sure where to add this)
Now all that should verify the user, but then I have several related models that I attached as resources, such as addresses, hours, etc.
But currently these models are displaying all data instead of only the data related to the specificied group.
So is there a way to have all resources query ->where(group_id,$group_id) and prevent any manual entry of a group. Or do i need to modify the query for each resource?
And if for each resource, how do i reference the group_id that the panel should be displaying?
This seems similar to the multi tenancy, but its between group and other models.
I created a GroupPanelprovider,
So first question is where do i limit this to only display the information related to the group.
Access should be granted only to users who match Group->owner_id or is a group_admin
as defined in group_user table where role_id = 5 or 7 (referencing roles table)
I created a middleware for this (not sure if correct, and not sure where to add this)
class CheckGroupAccess
{
public function handle(Request $request, Closure $next)
{
$groupId = $request->route('group');
$user = Auth::user();
$group = Group::find($groupId);
if ( ! $group) {
abort(404, 'Group not found');
}
if ($user->id === $group->owner_id
|| $user->hasRole('group_admin', $groupId)
) {
return $next($request);
}
abort(403, 'Unauthorized access');
}
Now all that should verify the user, but then I have several related models that I attached as resources, such as addresses, hours, etc.
But currently these models are displaying all data instead of only the data related to the specificied group.
So is there a way to have all resources query ->where(group_id,$group_id) and prevent any manual entry of a group. Or do i need to modify the query for each resource?
And if for each resource, how do i reference the group_id that the panel should be displaying?
This seems similar to the multi tenancy, but its between group and other models.
