ViewAny Policy with user HasRoles

Hello, can someone explain if I can hide the SuperAdmin role from the Admin role in UsersTable with a Policy? Like this:
    public function viewAny(User $user): bool
    {
        // Check if the user has the 'view any users' permission
        if ($user->hasRole(['SuperAdmin'])) {
            return true;
        } else if ($user->hasRole(['Admin'])) {
            // Example: allow Admins to view any users but not see SuperAdmin
            return true;
        } else {
            return false;
        }
    }
11 Replies
toeknee · 4mo ago
So that should be added in the 'view' not 'viewAny'
    return $record->name === 'SuperAdmin' && $user->hasRole(['SuperAdmin']);
KennY_Thugs (OP) · 4mo ago
Thanks for your help and attention. But what I want is this: I have two roles, SuperAdmin and Admin, and I want the SuperAdmin to view all records and the Admin to view all records but not see the SuperAdmin. I was trying with
    ->modifyQueryUsing(function (Builder $query) {
        if (!Auth::user()->roles->pluck('SuperAdmin')) {
And then I thought: create another resource, UserSuperAdmin, only for SuperAdmin and the Users resource for Admin?
awcodes · 4mo ago
You should look into global gates. Good example use case https://spatie.be/docs/laravel-permission/v6/basic-usage/super-admin
awcodes · 4mo ago
Basically. You can bypass the policy entirely for certain roles by defining a Gate::before() or Gate::after()
KennY_Thugs (OP) · 4mo ago
Sorry, I saw this solution, but I want to remove only one row and still see the other rows in the users table. Example: the users table has
Test1 --> User with Role SuperAdmin
test2 --> User without Role
test3 --> User without Role
test4 --> User without Role
test5 --> User With Role Admin
SuperAdmin View
Test1 --> User with Role SuperAdmin
test2 --> User without Role
test3 --> User without Role
test4 --> User without Role
test5 --> User With Role Admin
Admin View
test2 --> User without Role
test3 --> User without Role
test4 --> User without Role
test5 --> User With Role Admin
awcodes · 4mo ago
Hmm, you might need a combination of gates, policies and query scopes then.
KennY_Thugs (OP) · 4mo ago
I tried this in UserResource:
    if (!Auth::user()->roles->pluck('SuperAdmin')->contains(true)) {
        $table = $table->modifyQueryUsing(function (Builder $query) {
            return $query->where('name', '!=', 'Test1');
        });
    } else {
        $table = $table->modifyQueryUsing(function (Builder $query) {
            return $query;
        });
    }
    return $table;
But it doesn't work 😟
awcodes · 4mo ago
Where are you using this? I still think with the right scopes you won’t have to modify the query.
KennY_Thugs (OP) · 4mo ago
    public static function table(Table $table): Table
    {
        $table = $table
            ->columns([
                Tables\Columns\TextColumn::make('name')
                    ->searchable(),
                Tables\Columns\TextColumn::make('email')
                    ->searchable(),
                Tables\Columns\TextColumn::make('Roles.name')
                    ->label('Cargos')
                    ->badge()
                    ->color(fn (string $state): string => match ($state) {
                        'Empregado' => 'warning',
                        'Admin' => 'success',
                        'SuperAdmin' => 'danger',
                        default => 'gray', // any other role, so match() cannot throw
                    }),
                // 'H:i' is hours:minutes; 'm' is the month number in PHP date formats
                Tables\Columns\TextColumn::make('email_verified_at')
                    ->dateTime('d-m-Y H:i')
                    ->sortable(),
                Tables\Columns\TextColumn::make('created_at')
                    ->dateTime('d-m-Y H:i')
                    ->sortable()
                    ->toggleable(isToggledHiddenByDefault: false),
                Tables\Columns\TextColumn::make('updated_at')
                    ->dateTime('d-m-Y H:i')
                    ->sortable()
                    ->toggleable(isToggledHiddenByDefault: false),
            ]);

        if (!Auth::user()->roles->pluck('SuperAdmin')->contains(true)) {
            $table = $table->modifyQueryUsing(function (Builder $query) {
                return $query->where('name', '!=', 'Teste1');
            });
        } else {
            $table = $table->modifyQueryUsing(function (Builder $query) {
                return $query;
            });
        }

        return $table;
    }
awcodes · 4mo ago
Try moving the logic into ->modifyQueryUsing() directly on the table.
KennY_Thugs (OP) · 4mo ago
    public static function table(Table $table): Table
    {
        $tableBuilder = $table
            ->columns([
                Tables\Columns\TextColumn::make('name')
                    ->searchable(),
                Tables\Columns\TextColumn::make('email')
                    ->searchable(),
                Tables\Columns\TextColumn::make('Roles.name')
                    ->label('Cargos')
                    ->badge()
                    ->color(fn (string $state): string => match ($state) {
                        'Empregado' => 'warning',
                        'Admin' => 'success',
                        'SuperAdmin' => 'danger',
                        default => 'gray', // any other role, so match() cannot throw
                    }),
                // 'H:i' is hours:minutes; 'm' is the month number in PHP date formats
                Tables\Columns\TextColumn::make('email_verified_at')
                    ->dateTime('d-m-Y H:i')
                    ->sortable(),
                Tables\Columns\TextColumn::make('created_at')
                    ->dateTime('d-m-Y H:i')
                    ->sortable()
                    ->toggleable(isToggledHiddenByDefault: false),
                Tables\Columns\TextColumn::make('updated_at')
                    ->dateTime('d-m-Y H:i')
                    ->sortable()
                    ->toggleable(isToggledHiddenByDefault: false),
            ]);

        // Conditionally modify the query if the user is not SuperAdmin
        if (!Auth::user()->roles->pluck('name')->contains('SuperAdmin')) {
            $tableBuilder->modifyQueryUsing(function (Builder $query) {
                return $query->where('name', '!=', 'pepe');
            });
        }

        return $tableBuilder;
    }
It's working. Thanks, guys, for all the attention, and sorry for my English and the complications.
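
The accepted fix above filters on one hard-coded user name and only affects the table listing. As an added example (not code from the thread), this is one way to combine the query scope and policy that awcodes mentions, so the restriction follows the role and also covers direct record URLs. It assumes App\Models\User uses Spatie's HasRoles trait; the namespaces and the UserPolicy class name are illustrative.

```php
<?php
// Added example; each namespace block below belongs in its own file.
namespace App\Filament\Resources {   // UserResource.php (other methods unchanged)
    use App\Models\User;
    use Filament\Resources\Resource;
    use Illuminate\Database\Eloquent\Builder;

    class UserResource extends Resource
    {
        protected static ?string $model = User::class;

        // Base query for the table AND for resolving /users/{record} routes,
        // so a hidden account cannot be opened by guessing its ID.
        public static function getEloquentQuery(): Builder
        {
            $query = parent::getEloquentQuery();
            if (auth()->user()?->hasRole('SuperAdmin')) {
                return $query;
            }
            // Filter on the role itself, not on a hard-coded user name.
            return $query->whereDoesntHave(
                'roles',
                fn (Builder $roles) => $roles->where('name', 'SuperAdmin')
            );
        }
    }
}

namespace App\Policies {             // UserPolicy.php
    use App\Models\User;

    class UserPolicy
    {
        public function viewAny(User $user): bool
        {
            return $user->hasAnyRole(['SuperAdmin', 'Admin']);
        }

        // Record-level rule: only a SuperAdmin may act on a SuperAdmin account.
        public function view(User $user, User $record): bool
        {
            return $this->viewAny($user)
                && (! $record->hasRole('SuperAdmin') || $user->hasRole('SuperAdmin'));
        }

        public function update(User $user, User $record): bool
        {
            return $this->view($user, $record);
        }
    }
}
```

The delete, restore and forceDelete policy methods can delegate to view() in the same way.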
