PHP code example of laraarabdev / filament-gatekeeper
1. Go to this page and download the library: Download laraarabdev/filament-gatekeeper library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
laraarabdev / filament-gatekeeper example snippets
use LaraArabDev\FilamentGatekeeper\GatekeeperPlugin;
public function panel(Panel $panel): Panel
{
return $panel
->plugins([
GatekeeperPlugin::make()
->superAdminRole('super-admin')
->bypassForSuperAdmin(true)
->enableFieldPermissions()
->enableColumnPermissions()
->enableActionPermissions()
->enableRelationPermissions()
->navigationGroup('Access Control'),
]);
}
use LaraArabDev\FilamentGatekeeper\Base\GatekeeperAuthenticatable;
class User extends GatekeeperAuthenticatable
{
// HasRoles trait is automatically
use Illuminate\Foundation\Auth\User as Authenticatable;
use Spatie\Permission\Traits\HasRoles;
class User extends Authenticatable
{
use HasRoles;
}
use LaraArabDev\FilamentGatekeeper\Base\GatekeeperResource;
class UserResource extends GatekeeperResource
{
protected static ?string $model = User::class;
// All permissions work automatically!
}
use Filament\Resources\Resource;
use LaraArabDev\FilamentGatekeeper\Concerns\HasResourcePermissions;
class UserResource extends Resource
{
use HasResourcePermissions;
protected static ?string $model = User::class;
}
use LaraArabDev\FilamentGatekeeper\Concerns\HasFieldPermissions;
class UserResource extends Resource
{
use HasFieldPermissions;
public static function form(Schema $schema): Schema
{
return $schema->schema([
TextInput::make('name'),
TextInput::make('email')
->visible(fn () => static::canViewField('email'))
->disabled(fn () => !static::canUpdateField('email')),
TextInput::make('salary')
->visible(fn () => static::canViewField('salary'))
->disabled(fn () => !static::canUpdateField('salary')),
]);
}
}
use LaraArabDev\FilamentGatekeeper\Concerns\HasColumnPermissions;
class UserResource extends Resource
{
use HasColumnPermissions;
public static function table(Table $table): Table
{
return $table->columns([
TextColumn::make('name'),
TextColumn::make('email')
->visible(fn () => static::canViewColumn('email')),
TextColumn::make('salary')
->visible(fn () => static::canViewColumn('salary')),
]);
}
}
use LaraArabDev\FilamentGatekeeper\Concerns\HasActionPermissions;
class UserResource extends Resource
{
use HasActionPermissions;
public static function table(Table $table): Table
{
return $table->actions([
Action::make('export')
->visible(fn () => static::canExecuteAction('export')),
]);
}
}
use LaraArabDev\FilamentGatekeeper\Base\GatekeeperPage;
class SettingsPage extends GatekeeperPage
{
protected static string $view = 'filament.pages.settings';
// canAccess() works automatically
}
use LaraArabDev\FilamentGatekeeper\Base\GatekeeperWidget;
class StatsOverview extends GatekeeperWidget
{
// canView() works automatically
}
use LaraArabDev\FilamentGatekeeper\Concerns\HasRelationPermissions;
class UserResource extends Resource
{
use HasRelationPermissions;
public static function getRelations(): array
{
return static::getPermittedRelations([
RolesRelationManager::class,
PostsRelationManager::class,
]);
}
}
// config/gatekeeper.php
'field_discovery' => [
'enabled' => true, // Set to true to activate
'sources' => ['fillable'], // One or more sources (see below)
],
// Only fillable fields (recommended for most apps)
'sources' => ['fillable'],
// Fillable + anything listed in config
'sources' => ['fillable', 'config'],
// Everything in the database (minus exclusions)
'sources' => ['database'],
// Only fields that appear in your Filament forms
'sources' => ['resource'],
// All sources — maximum coverage
'sources' => ['fillable', 'database', 'resource', 'config'],
'field_discovery' => [
// 1. Default exclusions — always removed from ALL models
'default_excluded' => [
'id', 'uuid', 'created_at', 'updated_at', 'deleted_at',
'remember_token', 'email_verified_at',
'two_factor_secret', 'two_factor_recovery_codes',
'two_factor_confirmed_at',
],
// 2. Per-model exclusions
'excluded' => [
'*' => ['password'], // Excluded from EVERY model
'User' => ['api_token'], // Excluded from User only
'Employee' => ['ssn'], // Excluded from Employee only
],
],
// config/gatekeeper.php
'column_discovery' => [
'enabled' => true, // Set to true to activate
'sources' => ['config', 'database'], // One or more sources (see below)
],
// Config + database (recommended)
'sources' => ['config', 'database'],
// Only columns that appear in your Filament tables
'sources' => ['resource'],
// Everything in the database (minus exclusions)
'sources' => ['database'],
// All sources — maximum coverage
'sources' => ['database', 'resource', 'config'],
'column_discovery' => [
// 1. Default exclusions — always removed from ALL models
'default_excluded' => [
'password',
'remember_token',
'two_factor_secret',
'two_factor_recovery_codes',
],
// 2. Per-model exclusions
'excluded' => [
'*' => [], // Excluded from EVERY model
'User' => ['api_token'], // Excluded from User only
'Employee' => ['salary'], // Excluded from Employee only
],
],
class UserController extends Controller
{
public function index() { return User::paginate(); }
public function store(Request $request) { return User::create($request->validated()); }
public function show(User $user) { return $user; }
public function update(Request $request, User $user) { $user->update($request->validated()); return $user; }
public function destroy(User $user) { $user->delete(); return response()->noContent(); }
}
class UserController extends Controller
{
public function __construct()
{
$this->middleware('gatekeeper.resource:User');
// Or map specific methods manually
$this->middleware('gatekeeper.api:view_any_user')->only('index');
$this->middleware('gatekeeper.api:create_user')->only('store');
}
}
use LaraArabDev\FilamentGatekeeper\Concerns\HasApiPermissions;
class UserController extends Controller
{
use HasApiPermissions;
protected string $permissionModel = 'user';
public function index()
{
$this->authorizeIndex(); // view_any_user
return User::paginate();
}
public function store(Request $request)
{
$this->authorizeStore(); // create_user
return User::create($request->validated());
}
public function show(User $user)
{
$this->authorizeShow($user); // view_user
return $user;
}
public function update(Request $request, User $user)
{
$this->authorizeUpdate($user); // update_user
$user->update($request->validated());
return $user;
}
public function destroy(User $user)
{
$this->authorizeDestroy($user); // delete_user
$user->delete();
return response()->noContent();
}
}
use LaraArabDev\FilamentGatekeeper\Concerns\HasResourcePermissions;
class UserResource extends JsonResource
{
use HasResourcePermissions;
protected static string $permissionModel = 'user';
public function toArray($request): array
{
return [
'id' => $this->id,
'name' => $this->name,
'email' => $this->whenCanViewColumn('email', $this->email),
'salary' => $this->whenCanViewColumn('salary', $this->salary),
'roles' => $this->whenCanLoadRelation('roles', fn () => $this->roles),
];
}
}
use LaraArabDev\FilamentGatekeeper\Facades\Gatekeeper;
// Check permission
if (Gatekeeper::can('view_user')) {
// User has permission
}
// Authorize (throws exception if denied)
Gatekeeper::authorize('create_user');
// Check with specific guard
Gatekeeper::guard('api')->can('view_user');
// Get visible fields/columns
$fields = Gatekeeper::getVisibleFields('User');
$columns = Gatekeeper::getVisibleColumns('User');