Skip to content

Feat / Implement User Access Control #6

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
thapacodes4u wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Feat / Implement User Access Control #6

thapacodes4u wants to merge 1 commit into from

Conversation

@thapacodes4u
Copy link
Contributor

@thapacodes4u thapacodes4u commented Oct 5, 2025
edited
Loading

Related Ticket FR-9
Related Ticket FR-10 "I think what we are trying to achieve in that ticket is solved by this as well just the approach is different. So you can treat this PR handling both of those ticket"

@codecov-commenter
Copy link

codecov-commenter commented Oct 5, 2025

Codecov Report

❌ Patch coverage is 70.42254% with 21 lines in your changes missing coverage. Please review.
✅ Project coverage is 66.03%. Comparing base (6999906) to head (7f4e29c).

Files with missing lines Patch % Lines
src/Pages/Auth/Login.php 0.00% 16 Missing ⚠️
src/Http/Middleware/CheckFrontendFeatures.php 84.84% 5 Missing ⚠️
Additional details and impacted files 
@@             Coverage Diff              @@
##               main       #6      +/-   ##
============================================
+ Coverage     62.90%   66.03%   +3.13%     
- Complexity       23       44      +21     
============================================
  Files             5        7       +2     
  Lines           124      159      +35     
============================================
+ Hits             78      105      +27     
- Misses           46       54       +8

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@thapacodes4u
Copy link
Contributor Author

thapacodes4u commented Oct 5, 2025

@SlimDeluxe Filament's tenant system (->tenant() with ->tenantDomain()) was incompatible with guest access because it requires authenticated users to pass the canAccessTenant() check, which caused 404 errors for guests trying to access the root path.

To resolve this, I removed the Filament tenant configuration and implemented tenant awareness manually using the existing Registry pattern. The CheckFrontendFeatures middleware now uses Registry::getSite() to get the current site context, and all settings queries filter by site_id to maintain tenant isolation. This approach works for both authenticated and guest users while preserving full tenant-scoped access control.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@thapacodes4u @codecov-commenter