### Install LaunchFil Starter Kit Source: https://github.com/josh48202/launchfil/blob/master/README.md These commands demonstrate how to install the LaunchFil starter kit for a new Laravel project. It involves using Composer or the Laravel installer, navigating to the project directory, and running a setup script. ```bash composer create-project wjbecker/launchfil --prefer-dist myapp or laravel new myapp --using=wjbecker/launchfil cd myapp composer setup ``` -------------------------------- ### PHP Role-Based Access Control Examples Source: https://context7.com/josh48202/launchfil/llms.txt Demonstrates how to check and enforce role-based access control for various role management operations using Spatie Laravel Permission and Filament Shield. It covers checking user permissions for viewing, creating, updating, deleting, restoring, force deleting, and replicating roles. The examples assume the user model and role model are correctly set up, and the necessary Spatie packages are installed and configured. ```php can('ViewAny:Role')) { // User can access role list $roles = Role::all(); } // Check if user can create roles if ($user->can('Create:Role')) { Role::create(['name' => 'editor']); } // Check if user can update a specific role $role = Role::findByName('editor'); if ($user->can('Update:Role')) { $role->update(['name' => 'content_editor']); } // Check if user can delete a role if ($user->can('Delete:Role')) { $role->delete(); } // Restore soft-deleted role if ($user->can('Restore:Role')) { $role->restore(); } // Force delete role permanently if ($user->can('ForceDelete:Role')) { $role->forceDelete(); } // Replicate role with permissions if ($user->can('Replicate:Role')) { $newRole = $role->replicate(); $newRole->name = 'content_editor_copy'; $newRole->save(); } // Reorder roles (custom permission) if ($user->can('Reorder:Role')) { // Custom reordering logic } ``` -------------------------------- ### Composer Scripts for Development Workflow Source: https://github.com/josh48202/launchfil/blob/master/README.md LaunchFil provides several Composer scripts to streamline the development workflow, including setup, running development servers, updating dependencies, linting code, and running tests. These scripts automate common development tasks. ```bash # Installs dependencies, sets up .env, migrates database, seeds, generates permissions, sets up super admin, installs NPM dependencies, and builds assets. composer setup # Runs multiple development processes simultaneously: Laravel dev server, queue worker, Pail log stream, and Vite dev server. composer dev # Updates all Composer and NPM dependencies. composer update:requirements # Runs code quality tools: Rector, Pint, and npm lint. composer lint # Runs the full testing suite: type coverage, unit tests, lint tests, and static analysis. composer test # Ensures 100% type coverage with Pest. composer test:type-coverage # Runs the unit test suite with Pest in parallel and reports coverage. composer test:unit # Dry-runs Pint and Rector, and executes npm run test:lint. composer test:lint # Runs Larastan for advanced static analysis. composer test:types # Automatically runs asset publishing, clears cache, and ensures requirements are updated after Composer updates. composer post-update-cmd # Discovers Laravel packages and ensures Filament is upgraded after every autoload dump. composer post-autoload-dump ``` -------------------------------- ### User Model with Social Login and Filament Integration Source: https://context7.com/josh48202/launchfil/llms.txt This PHP code demonstrates the setup of an Eloquent User model integrated with Filament, Spatie Permissions for roles, and FilamentBreezy for two-factor authentication. It includes examples of creating users, assigning roles, checking permissions, accessing social login data, and handling panel access. Deleting a user automatically cleans up associated socialite records. ```php 'John Doe', 'email' => 'john@example.com', 'password' => Hash::make('secure-password'), ]); // Assign role using Spatie Permission $user->assignRole('panel_user'); // Check permissions if ($user->hasRole('super_admin')) { // User has super admin access } // Access social login relationship if ($user->socialiteUser) { $provider = $user->socialiteUser->provider; // 'azure' $providerId = $user->socialiteUser->provider_id; } // Panel access check (required by FilamentUser interface) $panel = filament()->getCurrentPanel(); $canAccess = $user->canAccessPanel($panel); // Always returns true by default // Two-factor authentication (from FilamentBreezy) if ($user->hasEnabledTwoFactorAuthentication()) { // User has 2FA enabled } // When user is deleted, socialite relationship is automatically removed $user->delete(); // Cascade deletes associated SocialiteUser record ``` -------------------------------- ### Install Dependencies After Updates Source: https://context7.com/josh48202/launchfil/llms.txt After checking and identifying dependency updates in composer.json and package.json, run these commands to install the new versions. These commands are often triggered automatically by composer post-update hooks. ```bash composer install npm install ``` -------------------------------- ### Configure Filament Admin Panel with Authentication and Plugins Source: https://context7.com/josh48202/launchfil/llms.txt Sets up the Filament Admin Panel with a default path, custom color scheme, auto-discovery of resources, pages, and widgets. It integrates plugins for role management (FilamentShield), user management (FilamentUsers), user profiles and two-factor authentication (FilamentBreezy), and Azure OAuth login (FilamentSocialite). Two-factor authentication is enforced for non-social login users, and Azure authentication is restricted by a tenant allowlist. ```php default() ->id('admin') ->path('') // Admin panel at root URL ->login() ->colors([ 'primary' => Color::Amber, ]) ->discoverResources(in: app_path('Filament/Resources'), for: 'App\\Filament\\Resources') ->discoverPages(in: app_path('Filament/Pages'), for: 'App\\Filament\\Pages') ->discoverWidgets(in: app_path('Filament/Widgets'), for: 'App\\Filament\\Widgets') ->viteTheme('resources/css/filament/admin/theme.css') ->plugins([ // Role & permission management FilamentShieldPlugin::make(), // User management FilamentUsersPlugin::make(), // User profile & 2FA BreezyCore::make() ->myProfile( shouldRegisterNavigation: true, slug: 'profile', navigationGroup: 'Account', userMenuLabel: 'Profile' ) ->enableTwoFactorAuthentication( force: fn() => empty(auth()->user()->socialiteUser) ) ->enableBrowserSessions() ->enableSanctumTokens(false) ->passwordUpdateRules( rules: ['min:8', Password::default()->mixedCase()->uncompromised(3)], requiresCurrentPassword: false ), // Azure OAuth login FilamentSocialitePlugin::make() ->providers([ Provider::make('azure') ->label('Continue with Microsoft') ->icon('fab-microsoft') ->color(Color::hex('#FFFFFF')) ]) ->registration() ->authorizeUserUsing(function ($plugin, $oauthUser) { return AzureTenantAuthorizer::checkTenantAllowList($plugin, $oauthUser); }), ]); } } ``` -------------------------------- ### Run Database Seeder Commands Source: https://context7.com/josh48202/launchfil/llms.txt Provides bash commands to execute database seeding in a Laravel application. `php artisan migrate:fresh --seed` will reset the database and run all seeders, while `php artisan db:seed` will run seeders independently. An additional command `php artisan shield:super-admin --user=1` is shown for assigning super admin privileges. ```bash # Run seeder during setup php artisan migrate:fresh --seed # Run seeder independently php artisan db:seed # Create super admin after seeding php artisan shield:super-admin --user=1 ``` -------------------------------- ### Shield Permission Generation (Artisan CLI) Source: https://context7.com/josh48202/launchfil/llms.txt Artisan commands for generating permissions for Filament resources, pages, and widgets. This includes options for generating all permissions or for a specific panel, and for creating a super admin user. ```bash # Generate permissions for all entities php artisan shield:generate --all # Generate permissions for specific panel php artisan shield:generate --all --panel=admin # Generate and assign super admin php artisan shield:super-admin --user=1 ``` -------------------------------- ### Create Default Users with Database Seeder Source: https://context7.com/josh48202/launchfil/llms.txt This PHP script defines a database seeder to create two default user accounts ('Test Admin' and 'Test User') for local development and testing. It utilizes Laravel's factory to generate user data. The seeder can be run using Artisan commands. ```php create([ 'name' => 'Test Admin', 'email' => 'admin@example.com', ]); User::factory()->create([ 'name' => 'Test User', 'email' => 'test@example.com', ]); } } ``` -------------------------------- ### Filament Shield Permission Configuration (config/filament-shield.php) Source: https://context7.com/josh48202/launchfil/llms.txt PHP configuration array for the Filament Shield package. It defines permission generation settings, including the separator, case format, and whether to generate policies, along with a list of default policy methods. ```php 'permissions' => [ 'separator' => ':', 'case' => 'pascal', 'generate' => true, ], 'policies' => [ 'path' => app_path('Policies'), 'merge' => true, 'generate' => true, 'methods' => [ 'viewAny', 'view', 'create', 'update', 'delete', 'restore', 'forceDelete', 'forceDeleteAny', 'restoreAny', 'replicate', 'reorder', ], ], ``` -------------------------------- ### Azure AD Configuration (.env) Source: https://context7.com/josh48202/launchfil/llms.txt Environment variables for configuring Azure Active Directory authentication. These values are used in the Laravel application to connect to Azure AD for user login. ```env AZURE_CLIENT_ID=your-azure-application-id AZURE_CLIENT_SECRET=your-azure-client-secret AZURE_REDIRECT_URI=/oauth/callback/azure AZURE_TENANT_ID=common AZURE_ALLOWED_TENANTS=tenant-uuid-1,tenant-uuid-2 ``` -------------------------------- ### Laravel Azure Service Configuration (config/services.php) Source: https://context7.com/josh48202/launchfil/llms.txt PHP code snippet for configuring Azure authentication services within a Laravel application. It reads environment variables to set up the client ID, secret, redirect URI, and tenant information. ```php 'azure' => [ 'client_id' => env('AZURE_CLIENT_ID'), 'client_secret' => env('AZURE_CLIENT_SECRET'), 'redirect' => env('AZURE_REDIRECT_URI'), 'tenant' => env('AZURE_TENANT_ID'), 'proxy' => env('PROXY'), 'allowed_tenants' => env('AZURE_ALLOWED_TENANTS') ], ``` -------------------------------- ### Azure Tenant Authorization Configuration Source: https://context7.com/josh48202/launchfil/llms.txt Configure Azure OAuth login to restrict access to specific tenant IDs for enhanced enterprise security. This PHP code snippet shows how to integrate the AzureTenantAuthorizer using Filament Socialite. The authorizer checks the Azure JWT access token against a list of allowed tenant IDs defined in the .env file. ```php providers([ Provider::make('azure') ->label('Continue with Microsoft') ->icon('fab-microsoft') ->color(Color::hex('#FFFFFF')) ]) ->registration() ->authorizeUserUsing(function (FilamentSocialitePlugin $plugin, SocialiteUserContract $oauthUser) { return AzureTenantAuthorizer::checkTenantAllowList($plugin, $oauthUser); }); ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.