From 8352ef539f21f3c991f392193c042223b3adf0e4 Mon Sep 17 00:00:00 2001
From: Fady Mondy <info@3x1.io>
Date: Wed, 2 Oct 2024 13:59:44 +0300
Subject: [PATCH] add filament-shield integration

---
 README.md                               | 48 ++++++++++++++++
 src/Filament/Pages/Themes.php           |  2 +
 src/Filament/Pages/Traits/HasShield.php | 75 +++++++++++++++++++++++++
 src/FilamentCMSPlugin.php               | 12 ++++
 4 files changed, 137 insertions(+)
 create mode 100644 src/Filament/Pages/Traits/HasShield.php

diff --git a/README.md b/README.md
index 2a0aa07..4b5c886 100644
--- a/README.md
+++ b/README.md
@@ -313,6 +313,54 @@ use TomatoPHP\FilamentCms\Services\FilamentCMSFormBuilder;
 FilamentCMSFormBuilder::make('xvssd')->send($data)
 ```
 
+## Use Filament Shield
+
+you can use the shield to protect your resource and allow user roles by install it first
+
+```bash
+composer require bezhansalleh/filament-shield
+```
+
+Add the Spatie\Permission\Traits\HasRoles trait to your User model(s):
+
+```php
+use Illuminate\Foundation\Auth\User as Authenticatable;
+use Spatie\Permission\Traits\HasRoles;
+
+class User extends Authenticatable
+{
+    use HasRoles;
+
+    // ...
+}
+```
+Publish the config file then setup your configuration:
+
+```php
+->plugin(\BezhanSalleh\FilamentShield\FilamentShieldPlugin::make())
+```
+
+Now run the following command to install shield:
+
+```bash
+php artisan shield:install
+```
+
+Now we can [publish the package assets]([https://github.com/bezhanSalleh/filament-shield](https://github.com/tomatophp/filament-users?tab=readme-ov-file#publish-assets)).
+
+```bash
+php artisan vendor:publish --tag="filament-users-config"
+```
+
+now you need to allow it on the plugin options
+
+```php
+->plugin(\TomatoPHP\FilamentCms\FilamentCMSPlugin::make()->allowShield())
+```
+
+for more information check the [Filament Shield](https://github.com/bezhanSalleh/filament-shield)
+
+
 ## Publish Assets
 
 you can publish config file by use this command
diff --git a/src/Filament/Pages/Themes.php b/src/Filament/Pages/Themes.php
index d8d450b..0e5c9cc 100644
--- a/src/Filament/Pages/Themes.php
+++ b/src/Filament/Pages/Themes.php
@@ -12,12 +12,14 @@
 use Illuminate\Support\Facades\File;
 use Filament\Pages\Actions\ButtonAction;
 use Nwidart\Modules\Facades\Module;
+use TomatoPHP\FilamentCms\Filament\Pages\Traits\HasShield;
 use TomatoPHP\FilamentCms\Models\Theme;
 use TomatoPHP\FilamentCms\Settings\ThemesSettings;
 
 class Themes extends Page implements HasTable
 {
     use InteractsWithTable;
+    use HasShield;
 
     protected static ?string $navigationIcon = 'heroicon-o-swatch';
 
diff --git a/src/Filament/Pages/Traits/HasShield.php b/src/Filament/Pages/Traits/HasShield.php
new file mode 100644
index 0000000..8e1cd10
--- /dev/null
+++ b/src/Filament/Pages/Traits/HasShield.php
@@ -0,0 +1,75 @@
+<?php
+
+namespace TomatoPHP\FilamentCms\Filament\Pages\Traits;
+
+use BezhanSalleh\FilamentShield\Support\Utils;
+use Filament\Facades\Filament;
+use Illuminate\Support\Str;
+
+trait HasShield
+{
+    public function booted(): void
+    {
+        if(filament('filament-cms')->isShieldAllowed()){
+            $this->beforeBooted();
+
+            if (! static::canAccess()) {
+
+                Notification::make()
+                    ->title(__('filament-shield::filament-shield.forbidden'))
+                    ->warning()
+                    ->send();
+
+                $this->beforeShieldRedirects();
+
+                redirect($this->getShieldRedirectPath());
+
+                return;
+            }
+
+            if (method_exists(parent::class, 'booted')) {
+                parent::booted();
+            }
+
+            $this->afterBooted();
+        }
+    }
+
+    protected function beforeBooted(): void
+    {
+    }
+
+    protected function afterBooted(): void
+    {
+    }
+
+    protected function beforeShieldRedirects(): void
+    {
+    }
+
+    protected function getShieldRedirectPath(): string
+    {
+        return Filament::getUrl();
+    }
+
+    protected static function getPermissionName(): string
+    {
+        return Str::of(class_basename(static::class))
+            ->prepend(
+                Str::of(Utils::getPagePermissionPrefix())
+                    ->append('_')
+                    ->toString()
+            )
+            ->toString();
+    }
+
+    public static function canAccess(): bool
+    {
+        if(filament('filament-cms')->isShieldAllowed()){
+            return Filament::auth()->user()->can(static::getPermissionName());
+        }
+        else {
+            return true;
+        }
+    }
+}
diff --git a/src/FilamentCMSPlugin.php b/src/FilamentCMSPlugin.php
index c621d0d..71f97bf 100644
--- a/src/FilamentCMSPlugin.php
+++ b/src/FilamentCMSPlugin.php
@@ -29,6 +29,7 @@ class FilamentCMSPlugin implements Plugin
     public static bool $useThemeManager = false;
     public static bool $usePageBuilder = false;
     public static bool $useFormBuilder = false;
+    public static bool $allowShield = false;
 //    public static bool $useTicketingSystem = false;
     public static array $defaultLocales = ['ar', 'en'];
 
@@ -88,6 +89,17 @@ public function register(Panel $panel): void
         }
     }
 
+    public function allowShield(bool $allowShield = true): static
+    {
+        self::$allowShield = $allowShield;
+        return $this;
+    }
+
+    public function isShieldAllowed(): bool
+    {
+        return self::$allowShield;
+    }
+
     public function useFormBuilder(bool $useFormBuilder = true): static
     {
         self::$useFormBuilder = $useFormBuilder;