lizhuoran
a100b2dce7
- DocumentResource: 添加 document.view 权限检查 - SystemSettingResource: 添加 system-setting.view 权限检查 - ActivityLogResource: 添加 activity-log.view 权限检查 - TerminalResource: 添加 terminal.view 权限检查 - SopTemplateResource: 添加 sop-template.view 权限检查 - GroupResource: 添加 group.view 权限检查 - UserResource: 添加 user.view 权限检查 - RoleResource: 添加 role.viewAny 权限检查 所有资源都实现了 shouldRegisterNavigation() 方法 根据用户权限动态显示/隐藏导航菜单项
273 lines
12 KiB
PHP
273 lines
12 KiB
PHP
<?php
|
||
|
||
namespace App\Filament\Resources;
|
||
|
||
use App\Filament\Resources\RoleResource\Pages;
|
||
use Filament\Forms;
|
||
use Filament\Forms\Form;
|
||
use Filament\Resources\Resource;
|
||
use Filament\Tables;
|
||
use Filament\Tables\Table;
|
||
use Spatie\Permission\Models\Permission;
|
||
use Spatie\Permission\Models\Role;
|
||
|
||
class RoleResource extends Resource
|
||
{
|
||
protected static ?string $model = Role::class;
|
||
|
||
protected static ?string $navigationIcon = 'heroicon-o-shield-check';
|
||
|
||
protected static ?string $navigationLabel = '角色管理';
|
||
|
||
protected static ?string $modelLabel = '角色';
|
||
|
||
protected static ?string $pluralModelLabel = '角色';
|
||
|
||
protected static ?int $navigationSort = 5;
|
||
|
||
protected static ?string $navigationGroup = '系统管理';
|
||
|
||
/**
|
||
* 控制导航菜单是否显示
|
||
*/
|
||
public static function shouldRegisterNavigation(): bool
|
||
{
|
||
return auth()->user()?->can('role.viewAny') ?? false;
|
||
}
|
||
|
||
public static function form(Form $form): Form
|
||
{
|
||
return $form
|
||
->schema([
|
||
Forms\Components\Section::make('基本信息')
|
||
->schema([
|
||
Forms\Components\TextInput::make('name')
|
||
->label('角色标识')
|
||
->required()
|
||
->unique(ignoreRecord: true)
|
||
->maxLength(255)
|
||
->placeholder('例如: content-manager')
|
||
->helperText('角色的唯一标识符,使用小写字母和连字符')
|
||
->regex('/^[a-z0-9\-]+$/')
|
||
->validationMessages([
|
||
'regex' => '角色标识只能包含小写字母、数字和连字符',
|
||
])
|
||
->disabled(fn (?Role $record): bool => $record?->name === 'super-admin'),
|
||
|
||
Forms\Components\Select::make('guard_name')
|
||
->label('守卫')
|
||
->options([
|
||
'web' => 'Web',
|
||
])
|
||
->default('web')
|
||
->required()
|
||
->disabled(),
|
||
])
|
||
->columns(2),
|
||
|
||
Forms\Components\Section::make('权限配置')
|
||
->schema([
|
||
Forms\Components\CheckboxList::make('permissions')
|
||
->label('权限')
|
||
->relationship('permissions', 'name')
|
||
->options(function () {
|
||
return Permission::all()
|
||
->groupBy(function ($permission) {
|
||
// 按模块分组(取权限名称的第一部分)
|
||
return explode('.', $permission->name)[0];
|
||
})
|
||
->map(function ($permissions, $module) {
|
||
// 模块名称映射
|
||
$moduleNames = [
|
||
'document' => '文档管理',
|
||
'system-setting' => '系统设置',
|
||
'activity-log' => '操作日志',
|
||
'terminal' => '终端管理',
|
||
'sop-template' => 'SOP模板',
|
||
'group' => '分组管理',
|
||
'user' => '用户管理',
|
||
'role' => '角色管理',
|
||
];
|
||
|
||
$moduleName = $moduleNames[$module] ?? $module;
|
||
|
||
return $permissions->pluck('name', 'name')
|
||
->mapWithKeys(function ($name) use ($moduleName) {
|
||
// 操作名称映射
|
||
$action = explode('.', $name)[1] ?? '';
|
||
$actionNames = [
|
||
'viewAny' => '查看列表',
|
||
'view' => '查看详情',
|
||
'create' => '创建',
|
||
'update' => '编辑',
|
||
'delete' => '删除',
|
||
'download' => '下载',
|
||
'export' => '导出',
|
||
'sync' => '同步',
|
||
'publish' => '发布',
|
||
'archive' => '归档',
|
||
];
|
||
|
||
$actionName = $actionNames[$action] ?? $action;
|
||
$label = "{$moduleName} - {$actionName}";
|
||
|
||
return [$name => $label];
|
||
});
|
||
})
|
||
->flatten()
|
||
->toArray();
|
||
})
|
||
->columns(3)
|
||
->searchable()
|
||
->bulkToggleable()
|
||
->helperText('选择该角色拥有的权限')
|
||
->disabled(fn (?Role $record): bool => $record?->name === 'super-admin'),
|
||
])
|
||
->description('配置角色的权限,super-admin 角色拥有所有权限且不可修改'),
|
||
]);
|
||
}
|
||
|
||
public static function table(Table $table): Table
|
||
{
|
||
return $table
|
||
->columns([
|
||
Tables\Columns\TextColumn::make('name')
|
||
->label('角色标识')
|
||
->searchable()
|
||
->sortable()
|
||
->weight('bold')
|
||
->badge()
|
||
->color(fn (string $state): string => match ($state) {
|
||
'super-admin' => 'danger',
|
||
'admin' => 'warning',
|
||
'user' => 'success',
|
||
default => 'gray',
|
||
}),
|
||
|
||
Tables\Columns\TextColumn::make('guard_name')
|
||
->label('守卫')
|
||
->badge()
|
||
->sortable()
|
||
->toggleable(),
|
||
|
||
Tables\Columns\TextColumn::make('permissions_count')
|
||
->label('权限数量')
|
||
->counts('permissions')
|
||
->sortable()
|
||
->alignCenter()
|
||
->badge()
|
||
->color('info'),
|
||
|
||
Tables\Columns\TextColumn::make('users_count')
|
||
->label('用户数量')
|
||
->counts('users')
|
||
->sortable()
|
||
->alignCenter()
|
||
->badge()
|
||
->color('success'),
|
||
|
||
Tables\Columns\IconColumn::make('is_system')
|
||
->label('系统角色')
|
||
->boolean()
|
||
->trueIcon('heroicon-o-lock-closed')
|
||
->falseIcon('heroicon-o-lock-open')
|
||
->trueColor('danger')
|
||
->falseColor('gray')
|
||
->getStateUsing(fn (Role $record): bool => $record->name === 'super-admin')
|
||
->alignCenter()
|
||
->tooltip(fn (Role $record): string =>
|
||
$record->name === 'super-admin'
|
||
? '系统角色,不可删除'
|
||
: '可以删除'
|
||
),
|
||
|
||
Tables\Columns\TextColumn::make('created_at')
|
||
->label('创建时间')
|
||
->dateTime('Y-m-d H:i:s')
|
||
->sortable()
|
||
->toggleable(isToggledHiddenByDefault: true),
|
||
|
||
Tables\Columns\TextColumn::make('updated_at')
|
||
->label('更新时间')
|
||
->dateTime('Y-m-d H:i:s')
|
||
->sortable()
|
||
->toggleable(isToggledHiddenByDefault: true),
|
||
])
|
||
->filters([
|
||
Tables\Filters\SelectFilter::make('guard_name')
|
||
->label('守卫')
|
||
->options([
|
||
'web' => 'Web',
|
||
]),
|
||
])
|
||
->actions([
|
||
Tables\Actions\ViewAction::make()
|
||
->label('查看'),
|
||
Tables\Actions\EditAction::make()
|
||
->label('编辑')
|
||
->visible(fn (Role $record): bool => $record->name !== 'super-admin'),
|
||
Tables\Actions\DeleteAction::make()
|
||
->label('删除')
|
||
->visible(fn (Role $record): bool => $record->name !== 'super-admin')
|
||
->before(function (Tables\Actions\DeleteAction $action, Role $record) {
|
||
// 检查是否有关联用户
|
||
if ($record->users()->count() > 0) {
|
||
\Filament\Notifications\Notification::make()
|
||
->danger()
|
||
->title('无法删除')
|
||
->body("该角色还有 {$record->users()->count()} 个用户,请先移除用户的角色后再删除。")
|
||
->persistent()
|
||
->send();
|
||
|
||
$action->cancel();
|
||
}
|
||
}),
|
||
])
|
||
->bulkActions([
|
||
Tables\Actions\BulkActionGroup::make([
|
||
Tables\Actions\DeleteBulkAction::make()
|
||
->label('批量删除')
|
||
->before(function (Tables\Actions\DeleteBulkAction $action, $records) {
|
||
// 检查是否包含 super-admin
|
||
if ($records->contains('name', 'super-admin')) {
|
||
\Filament\Notifications\Notification::make()
|
||
->danger()
|
||
->title('无法删除')
|
||
->body('不能删除 super-admin 角色')
|
||
->persistent()
|
||
->send();
|
||
|
||
$action->cancel();
|
||
return;
|
||
}
|
||
|
||
// 检查是否有关联用户
|
||
$rolesWithUsers = $records->filter(fn ($role) => $role->users()->count() > 0);
|
||
if ($rolesWithUsers->count() > 0) {
|
||
$roleNames = $rolesWithUsers->pluck('name')->join('、');
|
||
\Filament\Notifications\Notification::make()
|
||
->danger()
|
||
->title('无法删除')
|
||
->body("以下角色还有关联用户:{$roleNames},请先移除用户的角色后再删除。")
|
||
->persistent()
|
||
->send();
|
||
|
||
$action->cancel();
|
||
}
|
||
}),
|
||
]),
|
||
])
|
||
->defaultSort('created_at', 'desc');
|
||
}
|
||
|
||
public static function getPages(): array
|
||
{
|
||
return [
|
||
'index' => Pages\ListRoles::route('/'),
|
||
'create' => Pages\CreateRole::route('/create'),
|
||
'edit' => Pages\EditRole::route('/{record}/edit'),
|
||
'view' => Pages\ViewRole::route('/{record}'),
|
||
];
|
||
}
|
||
}
|