Skip to main content

Overview

Policies are Laravel classes that contain authorization logic. They determine which users can perform which actions on your resources.

Creating a Policy

Policies are located in src/Policies. Create a policy class: 
namespace Esign\UnleashCommerce\Admin\Policies;

class ProductPolicy
{
    public function view(User $user, Product $product)
    {
        return true;
    }

    public function create(User $user)
    {
        return true;
    }

    public function update(User $user, Product $product)
    {
        return true;
    }

    public function delete(User $user, Product $product)
    {
        return true;
    }
}

Policy Contracts

Always define a contract for each Policy in Esign\UnleashCommerce\Admin\Contracts\Filament\Policies: 
interface ProductPolicyContract
{
    // Define your policy methods
}

Super Admin Support

To enable super admin functionality, policy methods should return either true or null:
  • true: Action is allowed
  • null: Super admin check takes over
  • false: Action is denied (even for super admins)
public function delete(User $user, Product $product)
{
    if ($user->is_super_admin) {
        return true;
    }

    return null; // Super admin check will handle
}

Registering Policies

Register replacements via the FilamentPolicyManifest to allow swapping implementations.

Using Policies in Resources

Filament will automatically use your policies to control visibility of actions in the admin panel.