lizhuoran
dfe0ff42bc
- 更新 UserResource 添加角色和权限管理 - 添加角色选择字段(多选) - 添加直接权限配置(按模块分组的复选框列表) - 在用户列表中显示角色和权限数量 - 添加角色筛选器 - 防止删除超级管理员 - 创建 ViewUser 页面显示用户详细权限信息 - 显示所有权限(角色权限 + 直接权限) - 按模块分组展示权限 - 区分显示直接权限 - 创建 UserPolicy 控制用户管理权限 - 基于 user.* 权限控制访问 - 保护超级管理员不被编辑和删除 - 防止用户删除自己 - 在 AppServiceProvider 中注册 UserPolicy
251 lines
11 KiB
PHP
251 lines
11 KiB
PHP
<?php
|
||
|
||
namespace App\Filament\Resources;
|
||
|
||
use App\Filament\Resources\UserResource\Pages;
|
||
use App\Filament\Resources\UserResource\RelationManagers;
|
||
use App\Models\User;
|
||
use Filament\Forms;
|
||
use Filament\Forms\Form;
|
||
use Filament\Resources\Resource;
|
||
use Filament\Tables;
|
||
use Filament\Tables\Table;
|
||
use Illuminate\Database\Eloquent\Builder;
|
||
use Illuminate\Database\Eloquent\SoftDeletingScope;
|
||
|
||
class UserResource extends Resource
|
||
{
|
||
protected static ?string $model = User::class;
|
||
|
||
protected static ?string $navigationIcon = 'heroicon-o-users';
|
||
|
||
protected static ?string $navigationLabel = '用户管理';
|
||
|
||
protected static ?string $modelLabel = '用户';
|
||
|
||
protected static ?string $pluralModelLabel = '用户';
|
||
|
||
protected static ?int $navigationSort = 3;
|
||
|
||
public static function form(Form $form): Form
|
||
{
|
||
return $form
|
||
->schema([
|
||
Forms\Components\Section::make('基本信息')
|
||
->schema([
|
||
Forms\Components\TextInput::make('name')
|
||
->label('用户名称')
|
||
->required()
|
||
->maxLength(255)
|
||
->placeholder('请输入用户名称'),
|
||
Forms\Components\TextInput::make('email')
|
||
->label('邮箱')
|
||
->email()
|
||
->required()
|
||
->maxLength(255)
|
||
->placeholder('请输入邮箱地址'),
|
||
Forms\Components\TextInput::make('password')
|
||
->label('密码')
|
||
->password()
|
||
->required(fn (string $context): bool => $context === 'create')
|
||
->dehydrated(fn ($state) => filled($state))
|
||
->minLength(8)
|
||
->placeholder('请输入密码(至少8位)')
|
||
->helperText('编辑时留空表示不修改密码'),
|
||
])
|
||
->columns(2),
|
||
|
||
Forms\Components\Section::make('分组与角色')
|
||
->schema([
|
||
Forms\Components\Select::make('groups')
|
||
->label('所属分组')
|
||
->multiple()
|
||
->relationship('groups', 'name')
|
||
->preload()
|
||
->placeholder('请选择用户所属的分组')
|
||
->helperText('用户可以属于多个分组'),
|
||
Forms\Components\Select::make('roles')
|
||
->label('角色')
|
||
->multiple()
|
||
->relationship('roles', 'name')
|
||
->preload()
|
||
->placeholder('请选择用户角色')
|
||
->helperText('角色决定用户的基础权限')
|
||
->searchable(),
|
||
])
|
||
->columns(2),
|
||
|
||
Forms\Components\Section::make('直接权限')
|
||
->description('为用户分配额外的权限,这些权限会叠加到角色权限之上')
|
||
->schema([
|
||
Forms\Components\CheckboxList::make('permissions')
|
||
->label('权限列表')
|
||
->relationship('permissions', 'name')
|
||
->columns(3)
|
||
->gridDirection('row')
|
||
->options(function () {
|
||
return \Spatie\Permission\Models\Permission::all()
|
||
->groupBy(function ($permission) {
|
||
return explode('.', $permission->name)[0];
|
||
})
|
||
->map(function ($permissions, $module) {
|
||
$moduleNames = [
|
||
'document' => '文档管理',
|
||
'sop' => 'SOP模板',
|
||
'terminal' => '终端管理',
|
||
'user' => '用户管理',
|
||
'role' => '角色管理',
|
||
'group' => '分组管理',
|
||
'system' => '系统设置',
|
||
'activity' => '操作日志',
|
||
];
|
||
return $permissions->pluck('name', 'name')
|
||
->mapWithKeys(function ($name) use ($moduleNames) {
|
||
$parts = explode('.', $name);
|
||
$module = $parts[0];
|
||
$action = $parts[1] ?? '';
|
||
$actionNames = [
|
||
'view' => '查看',
|
||
'create' => '创建',
|
||
'update' => '编辑',
|
||
'delete' => '删除',
|
||
'export' => '导出',
|
||
'import' => '导入',
|
||
'publish' => '发布',
|
||
'archive' => '归档',
|
||
'download' => '下载',
|
||
'sync' => '同步',
|
||
];
|
||
$label = ($moduleNames[$module] ?? $module) . ' - ' . ($actionNames[$action] ?? $action);
|
||
return [$name => $label];
|
||
});
|
||
})
|
||
->flatten()
|
||
->toArray();
|
||
})
|
||
->searchable()
|
||
->bulkToggleable(),
|
||
])
|
||
->collapsible()
|
||
->collapsed(),
|
||
]);
|
||
}
|
||
|
||
public static function table(Table $table): Table
|
||
{
|
||
return $table
|
||
->columns([
|
||
Tables\Columns\TextColumn::make('id')
|
||
->label('ID')
|
||
->sortable(),
|
||
Tables\Columns\TextColumn::make('name')
|
||
->label('用户名称')
|
||
->searchable()
|
||
->sortable(),
|
||
Tables\Columns\TextColumn::make('email')
|
||
->label('邮箱')
|
||
->searchable()
|
||
->sortable(),
|
||
Tables\Columns\TextColumn::make('roles.name')
|
||
->label('角色')
|
||
->badge()
|
||
->color(fn (string $state): string => match ($state) {
|
||
'super-admin' => 'danger',
|
||
'admin' => 'warning',
|
||
'user' => 'success',
|
||
default => 'gray',
|
||
})
|
||
->formatStateUsing(fn (string $state): string => match ($state) {
|
||
'super-admin' => '超级管理员',
|
||
'admin' => '管理员',
|
||
'user' => '普通用户',
|
||
default => $state,
|
||
})
|
||
->searchable()
|
||
->toggleable(),
|
||
Tables\Columns\TextColumn::make('groups.name')
|
||
->label('所属分组')
|
||
->badge()
|
||
->searchable()
|
||
->toggleable(),
|
||
Tables\Columns\TextColumn::make('permissions_count')
|
||
->label('权限数量')
|
||
->counts('permissions')
|
||
->sortable()
|
||
->toggleable(),
|
||
Tables\Columns\TextColumn::make('created_at')
|
||
->label('创建时间')
|
||
->dateTime('Y-m-d H:i:s')
|
||
->sortable()
|
||
->toggleable(),
|
||
Tables\Columns\TextColumn::make('updated_at')
|
||
->label('更新时间')
|
||
->dateTime('Y-m-d H:i:s')
|
||
->sortable()
|
||
->toggleable(isToggledHiddenByDefault: true),
|
||
])
|
||
->filters([
|
||
Tables\Filters\SelectFilter::make('roles')
|
||
->label('角色')
|
||
->relationship('roles', 'name')
|
||
->multiple()
|
||
->preload(),
|
||
])
|
||
->actions([
|
||
Tables\Actions\ViewAction::make()
|
||
->label('查看'),
|
||
Tables\Actions\EditAction::make()
|
||
->label('编辑'),
|
||
Tables\Actions\DeleteAction::make()
|
||
->label('删除')
|
||
->before(function (Tables\Actions\DeleteAction $action, User $record) {
|
||
// 防止删除超级管理员
|
||
if ($record->isSuperAdmin()) {
|
||
\Filament\Notifications\Notification::make()
|
||
->danger()
|
||
->title('无法删除')
|
||
->body('不能删除超级管理员账户')
|
||
->send();
|
||
$action->cancel();
|
||
}
|
||
}),
|
||
])
|
||
->bulkActions([
|
||
Tables\Actions\BulkActionGroup::make([
|
||
Tables\Actions\DeleteBulkAction::make()
|
||
->label('批量删除')
|
||
->before(function (Tables\Actions\DeleteBulkAction $action, $records) {
|
||
// 检查是否包含超级管理员
|
||
$hasSuperAdmin = $records->contains(fn ($record) => $record->isSuperAdmin());
|
||
if ($hasSuperAdmin) {
|
||
\Filament\Notifications\Notification::make()
|
||
->danger()
|
||
->title('无法删除')
|
||
->body('选中的用户中包含超级管理员,无法批量删除')
|
||
->send();
|
||
$action->cancel();
|
||
}
|
||
}),
|
||
]),
|
||
])
|
||
->defaultSort('created_at', 'desc');
|
||
}
|
||
|
||
public static function getRelations(): array
|
||
{
|
||
return [
|
||
RelationManagers\GroupsRelationManager::class,
|
||
];
|
||
}
|
||
|
||
public static function getPages(): array
|
||
{
|
||
return [
|
||
'index' => Pages\ListUsers::route('/'),
|
||
'create' => Pages\CreateUser::route('/create'),
|
||
'view' => Pages\ViewUser::route('/{record}'),
|
||
'edit' => Pages\EditUser::route('/{record}/edit'),
|
||
];
|
||
}
|
||
}
|