Default RolePolicy overriding my own RolePolicy about nova-permission HOT 4 CLOSED

I'm not clear on why these policies exist at all? My understanding is that, in the absence of a policy, by default Nova will allow all actions on a resource. It seems like it would be much better to simply remove the policies and allow users to create their own if they require them.

We added them because of navigation. Are you using custom Role class instead of spatie's ones from the package?

from nova-permission.

@vyuldashev Yes I am, but the policy is registered for the Spatie\Permission\Contracts\Role interface which resolves to my custom App\Role class. I see now that yours is registered for the actual class specified in the config file. If I change mine to register the policy for my class directly, yours no longer overrides it.

Relying on the interface seems like it's probably the more "correct" approach to me, but it's debatable. In the meantime, I can use this work-around.

What needs to be present in my policy for navigation to work correctly? Just "viewAny"?

from nova-permission.

I will look into it.

What needs to be present in my policy for navigation to work correctly? Just "viewAny"?

There are more methods available: https://github.com/vyuldashev/nova-permission/blob/master/src/PermissionPolicy.php

from nova-permission.

I was working on this issue to submit a PR but it had a lot of breaking changes and it actually ended up being a re-write of this package.

So, I've created a new package: https://github.com/insenseanalytics/laravel-nova-permission

Key differences are as follows:

1. Solves this issue and #4
2. Also added the ability to use permissions based authorization for Nova resources (instead of policy based) if you'd like to do that for certain resources

Both forgetting the cache on attaching permissions and permission based authorization (optional) were critical for my application. Feel free to use it if you're in a similar boat. Cheers!

from nova-permission.