bezhanSalleh / filament-shield

The easiest and most intuitive way to add access management to your Filament Admin Resources, Pages & Widgets through `spatie/laravel-permission`
MIT License
1.35k stars 166 forks source link

Role CRUD accessibility is bypassed #364

Closed blalmal10a closed 3 months ago

blalmal10a commented 3 months ago

Role can be accessed by user with/without any role in latest release i.e. version 3.2.4.

Using 3.2.3 for now.

Solankill commented 3 months ago

Having the same issue. I managed to remove it from the sidebar nav bt changing config/filament-shield.php.

'shield_resource' => [ 'should_register_navigation' => false, //Change to False ]

However, if you have the URL, you can still access the Roles GUI with any user and make changes. Not sure if I am missing something but maybe there is a setting somewhere?

Solankill commented 3 months ago

This may help -

You need to mark this as true. This fixed it for me. 'register_role_policy' => [ 'enabled' => true, ],

blalmal10a commented 3 months ago

This may help -

You need to mark this as true. This fixed it for me. 'register_role_policy' => [ 'enabled' => true, ],

THANK YOU