Role CRUD accessibility is bypassed

Question

Role CRUD accessibility is bypassed

blalmal10a opened this issue 2 months ago · comments

B. Lalmalsawma commented 2 months ago

Role can be accessed by user with/without any role in latest release i.e. version 3.2.4.

Using 3.2.3 for now.

Pujen Solanki · Answer 1 · Mon Apr 15 2024 21:41:33 GMT+0800 (China Standard Time)

Having the same issue. I managed to remove it from the sidebar nav bt changing config/filament-shield.php.

'shield_resource' => [ 'should_register_navigation' => false, //Change to False ]

However, if you have the URL, you can still access the Roles GUI with any user and make changes. Not sure if I am missing something but maybe there is a setting somewhere?

Pujen Solanki · Answer 2 · Mon Apr 15 2024 22:05:17 GMT+0800 (China Standard Time)

This may help -

You need to mark this as true. This fixed it for me.
'register_role_policy' => [ 'enabled' => true, ],

B. Lalmalsawma · Answer 3 · Tue Apr 16 2024 02:00:39 GMT+0800 (China Standard Time)

This may help -

You need to mark this as true. This fixed it for me. 'register_role_policy' => [ 'enabled' => true, ],

THANK YOU