How do I enable permissions checking in MoonShine resource controllers


To enable permissions checking in MoonShine resource controllers, you need to follow these steps:

1. Set the `withPolicy` Property: In your resource class, set the `withPolicy` property to `true`. This property determines whether permissions checking is enabled for the resource controller.

   ```php
   namespace App\MoonShine\Resources;

   use App\Models\Post;
   use MoonShine\Resources\ModelResource;

   class PostResource extends ModelResource {
       protected string $model = Post::class;
       protected bool $withPolicy = true; // Enable permissions checking
   }
   ```

2. Create a Policy: Use the Artisan command to create a policy for your resource. This policy will define the permissions for various actions (like view, create, update, delete).

   ```bash
   php artisan moonshine:policy
   ```

3. Define Policy Methods: In the generated policy class, implement methods for each action you want to control. The available methods include:
- `viewAny`: for listing resources
- `view`: for viewing a single resource
- `create`: for creating a new resource
- `update`: for updating an existing resource
- `delete`: for deleting a resource
- `massDelete`: for bulk deletion
- `restore`: for restoring a soft-deleted resource
- `forceDelete`: for permanently deleting a resource

Example policy implementation:

   ```php
   namespace App\Policies;

   use Illuminate\Auth\Access\HandlesAuthorization;
   use App\Models\Post;
   use MoonShine\Models\MoonshineUser;

   // Every method below returns true as a placeholder, so this template
   // allows each action for every panel user until the logic is replaced.
   class PostPolicy {
       use HandlesAuthorization;

       public function viewAny(MoonshineUser $user) {
           return true; // Define your logic
       }

       public function view(MoonshineUser $user, Post $item) {
           return true; // Define your logic
       }

       public function create(MoonshineUser $user) {
           return true; // Define your logic
       }

       public function update(MoonshineUser $user, Post $item) {
           return true; // Define your logic
       }

       public function delete(MoonshineUser $user, Post $item) {
           return true; // Define your logic
       }

       public function massDelete(MoonshineUser $user) {
           return true; // Define your logic
       }

       public function restore(MoonshineUser $user, Post $item) {
           return true; // Define your logic
       }

       public function forceDelete(MoonshineUser $user, Post $item) {
           return true; // Define your logic
       }
   }
   ```

4. Additional Authorization Logic: If you need to add more complex authorization logic, you can use the `defineAuthorization` method in the `AuthServiceProvider`.

By following these steps, you can effectively enable and manage permissions checking in your MoonShine resource controllers, ensuring that access is appropriately controlled based on user roles and permissions[1][2].

Citations:
[1] https://moonshine-laravel.com/docs/resource/advanced/advanced-authorization
[2] https://moonshine-laravel.com/docs/resource/models-resources/resources-authorization
[3] https://github.com/SWEET1S/moonshine-roles-permissions
[4] https://moonshine-laravel.com/docs/resource/advanced/advanced-authentication
[5] https://moonshine.cutcode.dev/section/resources-index
[6] https://github.com/SWEET1S/moonshine-database
[7] https://stackoverflow.com/questions/7088486/best-way-to-do-permissions-checks-in-controllers
[8] https://moonshine-laravel.com