lizhuoran/KnowledgeBase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(权限): 创建角色管理资源(RoleResource)

Browse Source 
- 创建 RoleResource 及其所有页面类
- 实现角色列表、创建、编辑、查看功能
- 权限选择器按模块分组显示,支持批量选择
- 实现 super-admin 角色保护(不可编辑和删除)
- 实现角色删除前检查(有关联用户时不可删除)
- 创建 RolePolicy 控制角色管理权限
- 在 AppServiceProvider 中注册 RolePolicy
- 角色列表显示权限数量和用户数量
- 完整的中文界面和提示信息
This commit is contained in:
李卓然
2026-03-11 10:00:29 +08:00
parent 7d13a560f3
commit a17fe167b0
7 changed files with 526 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

264
app/Filament/Resources/RoleResource.php Normal file
View File

@@ -0,0 +1,264 @@
<?php
namespace App\Filament\Resources;
use App\Filament\Resources\RoleResource\Pages;
use Filament\Forms;
use Filament\Forms\Form;
use Filament\Resources\Resource;
use Filament\Tables;
use Filament\Tables\Table;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;
class RoleResource extends Resource
{
protected static ?string $model = Role::class;
protected static ?string $navigationIcon = 'heroicon-o-shield-check';
protected static ?string $navigationLabel = '角色管理';
protected static ?string $modelLabel = '角色';
protected static ?string $pluralModelLabel = '角色';
protected static ?int $navigationSort = 5;
protected static ?string $navigationGroup = '系统管理';
public static function form(Form $form): Form
{
return $form
->schema([
Forms\Components\Section::make('基本信息')
->schema([
Forms\Components\TextInput::make('name')
->label('角色标识')
->required()
->unique(ignoreRecord: true)
->maxLength(255)
->placeholder('例如: content-manager')
->helperText('角色的唯一标识符,使用小写字母和连字符')
->regex('/^[a-z0-9\-]+$/')
->validationMessages([
'regex' => '角色标识只能包含小写字母、数字和连字符',
])
->disabled(fn (?Role $record): bool => $record?->name === 'super-admin'),
Forms\Components\Select::make('guard_name')
->label('守卫')
->options([
'web' => 'Web',
])
->default('web')
->required()
->disabled(),
])
->columns(2),
Forms\Components\Section::make('权限配置')
->schema([
Forms\Components\CheckboxList::make('permissions')
->label('权限')
->relationship('permissions', 'name')
->options(function () {
return Permission::all()
->groupBy(function ($permission) {
// 按模块分组(取权限名称的第一部分)
return explode('.', $permission->name)[0];
})
->map(function ($permissions, $module) {
// 模块名称映射
$moduleNames = [
'document' => '文档管理',
'system-setting' => '系统设置',
'activity-log' => '操作日志',
'terminal' => '终端管理',
'sop-template' => 'SOP模板',
'group' => '分组管理',
'user' => '用户管理',
'role' => '角色管理',
];
$moduleName = $moduleNames[$module] ?? $module;
return $permissions->pluck('name', 'name')
->mapWithKeys(function ($name) use ($moduleName) {
// 操作名称映射
$action = explode('.', $name)[1] ?? '';
$actionNames = [
'viewAny' => '查看列表',
'view' => '查看详情',
'create' => '创建',
'update' => '编辑',
'delete' => '删除',
'download' => '下载',
'export' => '导出',
'sync' => '同步',
'publish' => '发布',
'archive' => '归档',
];
$actionName = $actionNames[$action] ?? $action;
$label = "{$moduleName} - {$actionName}";
return [$name => $label];
});
})
->flatten()
->toArray();
})
->columns(3)
->searchable()
->bulkToggleable()
->helperText('选择该角色拥有的权限')
->disabled(fn (?Role $record): bool => $record?->name === 'super-admin'),
])
->description('配置角色的权限super-admin 角色拥有所有权限且不可修改'),
]);
}
public static function table(Table $table): Table
{
return $table
->columns([
Tables\Columns\TextColumn::make('name')
->label('角色标识')
->searchable()
->sortable()
->weight('bold')
->badge()
->color(fn (string $state): string => match ($state) {
'super-admin' => 'danger',
'admin' => 'warning',
'user' => 'success',
default => 'gray',
}),
Tables\Columns\TextColumn::make('guard_name')
->label('守卫')
->badge()
->sortable()
->toggleable(),
Tables\Columns\TextColumn::make('permissions_count')
->label('权限数量')
->counts('permissions')
->sortable()
->alignCenter()
->badge()
->color('info'),
Tables\Columns\TextColumn::make('users_count')
->label('用户数量')
->counts('users')
->sortable()
->alignCenter()
->badge()
->color('success'),
Tables\Columns\IconColumn::make('is_system')
->label('系统角色')
->boolean()
->trueIcon('heroicon-o-lock-closed')
->falseIcon('heroicon-o-lock-open')
->trueColor('danger')
->falseColor('gray')
->getStateUsing(fn (Role $record): bool => $record->name === 'super-admin')
->alignCenter()
->tooltip(fn (Role $record): string =>
$record->name === 'super-admin'
? '系统角色,不可删除'
: '可以删除'
),
Tables\Columns\TextColumn::make('created_at')
->label('创建时间')
->dateTime('Y-m-d H:i:s')
->sortable()
->toggleable(isToggledHiddenByDefault: true),
Tables\Columns\TextColumn::make('updated_at')
->label('更新时间')
->dateTime('Y-m-d H:i:s')
->sortable()
->toggleable(isToggledHiddenByDefault: true),
])
->filters([
Tables\Filters\SelectFilter::make('guard_name')
->label('守卫')
->options([
'web' => 'Web',
]),
])
->actions([
Tables\Actions\ViewAction::make()
->label('查看'),
Tables\Actions\EditAction::make()
->label('编辑')
->visible(fn (Role $record): bool => $record->name !== 'super-admin'),
Tables\Actions\DeleteAction::make()
->label('删除')
->visible(fn (Role $record): bool => $record->name !== 'super-admin')
->before(function (Tables\Actions\DeleteAction $action, Role $record) {
// 检查是否有关联用户
if ($record->users()->count() > 0) {
\Filament\Notifications\Notification::make()
->danger()
->title('无法删除')
->body("该角色还有 {$record->users()->count()} 个用户,请先移除用户的角色后再删除。")
->persistent()
->send();
$action->cancel();
}
}),
])
->bulkActions([
Tables\Actions\BulkActionGroup::make([
Tables\Actions\DeleteBulkAction::make()
->label('批量删除')
->before(function (Tables\Actions\DeleteBulkAction $action, $records) {
// 检查是否包含 super-admin
if ($records->contains('name', 'super-admin')) {
\Filament\Notifications\Notification::make()
->danger()
->title('无法删除')
->body('不能删除 super-admin 角色')
->persistent()
->send();
$action->cancel();
return;
}
// 检查是否有关联用户
$rolesWithUsers = $records->filter(fn ($role) => $role->users()->count() > 0);
if ($rolesWithUsers->count() > 0) {
$roleNames = $rolesWithUsers->pluck('name')->join('、');
\Filament\Notifications\Notification::make()
->danger()
->title('无法删除')
->body("以下角色还有关联用户:{$roleNames},请先移除用户的角色后再删除。")
->persistent()
->send();
$action->cancel();
}
}),
]),
])
->defaultSort('created_at', 'desc');
}
public static function getPages(): array
{
return [
'index' => Pages\ListRoles::route('/'),
'create' => Pages\CreateRole::route('/create'),
'edit' => Pages\EditRole::route('/{record}/edit'),
'view' => Pages\ViewRole::route('/{record}'),
];
}
}

21
app/Filament/Resources/RoleResource/Pages/CreateRole.php Normal file
View File

@@ -0,0 +1,21 @@
<?php
namespace App\Filament\Resources\RoleResource\Pages;
use App\Filament\Resources\RoleResource;
use Filament\Resources\Pages\CreateRecord;
class CreateRole extends CreateRecord
{
protected static string $resource = RoleResource::class;
protected function getRedirectUrl(): string
{
return $this->getResource()::getUrl('index');
}
protected function getCreatedNotificationTitle(): ?string
{
return '角色创建成功';
}
}

32
app/Filament/Resources/RoleResource/Pages/EditRole.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
namespace App\Filament\Resources\RoleResource\Pages;
use App\Filament\Resources\RoleResource;
use Filament\Actions;
use Filament\Resources\Pages\EditRecord;
class EditRole extends EditRecord
{
protected static string $resource = RoleResource::class;
protected function getHeaderActions(): array
{
return [
Actions\ViewAction::make()
->label('查看'),
Actions\DeleteAction::make()
->label('删除'),
];
}
protected function getRedirectUrl(): string
{
return $this->getResource()::getUrl('index');
}
protected function getSavedNotificationTitle(): ?string
{
return '角色更新成功';
}
}

20
app/Filament/Resources/RoleResource/Pages/ListRoles.php Normal file
View File

@@ -0,0 +1,20 @@
<?php
namespace App\Filament\Resources\RoleResource\Pages;
use App\Filament\Resources\RoleResource;
use Filament\Actions;
use Filament\Resources\Pages\ListRecords;
class ListRoles extends ListRecords
{
protected static string $resource = RoleResource::class;
protected function getHeaderActions(): array
{
return [
Actions\CreateAction::make()
->label('创建角色'),
];
}
}

116
app/Filament/Resources/RoleResource/Pages/ViewRole.php Normal file
View File

@@ -0,0 +1,116 @@
<?php
namespace App\Filament\Resources\RoleResource\Pages;
use App\Filament\Resources\RoleResource;
use Filament\Actions;
use Filament\Resources\Pages\ViewRecord;
use Filament\Infolists;
use Filament\Infolists\Infolist;
class ViewRole extends ViewRecord
{
protected static string $resource = RoleResource::class;
protected function getHeaderActions(): array
{
return [
Actions\EditAction::make()
->label('编辑')
->visible(fn (): bool => $this->record->name !== 'super-admin'),
];
}
public function infolist(Infolist $infolist): Infolist
{
return $infolist
->schema([
Infolists\Components\Section::make('角色信息')
->schema([
Infolists\Components\TextEntry::make('name')
->label('角色标识')
->badge()
->color(fn (string $state): string => match ($state) {
'super-admin' => 'danger',
'admin' => 'warning',
'user' => 'success',
default => 'gray',
}),
Infolists\Components\TextEntry::make('guard_name')
->label('守卫')
->badge(),
Infolists\Components\TextEntry::make('permissions_count')
->label('权限数量')
->getStateUsing(fn ($record) => $record->permissions()->count())
->badge()
->color('info'),
Infolists\Components\TextEntry::make('users_count')
->label('用户数量')
->getStateUsing(fn ($record) => $record->users()->count())
->badge()
->color('success'),
Infolists\Components\TextEntry::make('created_at')
->label('创建时间')
->dateTime('Y-m-d H:i:s'),
Infolists\Components\TextEntry::make('updated_at')
->label('更新时间')
->dateTime('Y-m-d H:i:s'),
])
->columns(2),
Infolists\Components\Section::make('权限列表')
->schema([
Infolists\Components\RepeatableEntry::make('permissions')
->label('')
->schema([
Infolists\Components\TextEntry::make('name')
->label('权限')
->badge()
->formatStateUsing(function (string $state): string {
// 格式化权限名称
$parts = explode('.', $state);
$module = $parts[0] ?? '';
$action = $parts[1] ?? '';
$moduleNames = [
'document' => '文档管理',
'system-setting' => '系统设置',
'activity-log' => '操作日志',
'terminal' => '终端管理',
'sop-template' => 'SOP模板',
'group' => '分组管理',
'user' => '用户管理',
'role' => '角色管理',
];
$actionNames = [
'viewAny' => '查看列表',
'view' => '查看详情',
'create' => '创建',
'update' => '编辑',
'delete' => '删除',
'download' => '下载',
'export' => '导出',
'sync' => '同步',
'publish' => '发布',
'archive' => '归档',
];
$moduleName = $moduleNames[$module] ?? $module;
$actionName = $actionNames[$action] ?? $action;
return "{$moduleName} - {$actionName}";
}),
])
->columns(3)
->grid(3),
])
->collapsible(),
]);
}
}

72
app/Policies/RolePolicy.php Normal file
View File

@@ -0,0 +1,72 @@
<?php
namespace App\Policies;
use App\Models\User;
use Spatie\Permission\Models\Role;
class RolePolicy
{
/**
* 查看角色列表
*/
public function viewAny(User $user): bool
{
return $user->can('role.viewAny');
}
/**
* 查看角色详情
*/
public function view(User $user, Role $role): bool
{
return $user->can('role.view');
}
/**
* 创建角色
*/
public function create(User $user): bool
{
return $user->can('role.create');
}
/**
* 编辑角色
*/
public function update(User $user, Role $role): bool
{
// super-admin 角色不能被编辑
if ($role->name === 'super-admin') {
return false;
}
return $user->can('role.update');
}
/**
* 删除角色
*/
public function delete(User $user, Role $role): bool
{
// super-admin 角色不能被删除
if ($role->name === 'super-admin') {
return false;
}
// 检查是否有关联用户
if ($role->users()->count() > 0) {
return false;
}
return $user->can('role.delete');
}
/**
* 批量删除角色
*/
public function deleteAny(User $user): bool
{
return $user->can('role.delete');
}
}

1
app/Providers/AppServiceProvider.php
View File

@@ -35,5 +35,6 @@ class AppServiceProvider extends ServiceProvider
Gate::policy(\App\Models\Document::class, \App\Policies\DocumentPolicy::class); Gate::policy(\App\Models\Document::class, \App\Policies\DocumentPolicy::class);
Gate::policy(\App\Models\Terminal::class, \App\Policies\TerminalPolicy::class); Gate::policy(\App\Models\Terminal::class, \App\Policies\TerminalPolicy::class);
Gate::policy(SopTemplate::class, SopTemplatePolicy::class); Gate::policy(SopTemplate::class, SopTemplatePolicy::class);
Gate::policy(\Spatie\Permission\Models\Role::class, \App\Policies\RolePolicy::class);
} }
} }