Role Resource is accessible for everyone

bezhanSalleh / filament-shield

The easiest and most intuitive way to add access management to your Filament Admin Resources, Pages & Widgets through `spatie/laravel-permission`

MIT License

1.6k stars 180 forks source link

Role Resource is accessible for everyone #372

Closed chrbox closed 5 months ago

chrbox commented 5 months ago

After updating all users have access to the RoleResource in the panel. There are no permissions set for the role of the user.

bezhanSalleh commented 5 months ago

From the config set the following key to true to enforce the policy for RoleResource, clear your config and let me know.

 'register_role_policy' => [
     'enabled' => true,
 ],

dominikgeimer commented 5 months ago

Yes, it works. It fixed the problem for me! Thank you!

hyknn commented 5 months ago

If you're using Laravel 11, you can also fix it by adding this on your AppServiceProvider.php

use Spatie\Permission\Models\Role;
use App\Policies\RolePolicy;
use Illuminate\Support\Facades\Gate;

public function boot(): void
{
    Gate::policy(Role::class, RolePolicy::class);
}

bezhanSalleh commented 5 months ago

If you're using Laravel 11, you can also fix it by adding this on your AppServiceProvider.php
use Spatie\Permission\Models\Role;

use App\Policies\RolePolicy;

use Illuminate\Support\Facades\Gate;

public function boot(): void

{

    Gate::policy(Role::class, RolePolicy::class);

}

You don't really need this, because its already being handled by shield. you just need to turn it on from the config.