Add policies to hide roles and permissions from admin in Filament

Author: SebKay

app/Policies/PermissionPolicy.php

@@ -0,0 +1,14 @@
+<?php
+
+namespace App\Policies;
+
+use App\Enums\Role;
+use App\Models\User;
+
+class PermissionPolicy
+{
+    public function viewAny(User $user): bool
+    {
+        return $user->hasRole(Role::SUPER_ADMIN);
+    }
+}

app/Policies/RolePolicy.php

@@ -0,0 +1,14 @@
+<?php
+
+namespace App\Policies;
+
+use App\Enums\Role;
+use App\Models\User;
+
+class RolePolicy
+{
+    public function viewAny(User $user): bool
+    {
+        return $user->hasRole(Role::SUPER_ADMIN);
+    }
+}

app/Providers/AuthServiceProvider.php

@@ -9,6 +9,11 @@
 
 class AuthServiceProvider extends ServiceProvider
 {
+    protected $policies = [
+        \Spatie\Permission\Models\Role::class => \App\Policies\RolePolicy::class,
+        \Spatie\Permission\Models\Permission::class => \App\Policies\PermissionPolicy::class,
+    ];
+
     public function boot(): void
     {
         // @codeCoverageIgnoreStart

tests/Integration/UserTest.php

@@ -46,11 +46,13 @@
         $this->seed(RolesAndPermissionsSeeder::class);
     });
 
-    it("can only access Filament if it's a \"super-admin\"", function () {
+    it("can only access Filament if it's a \"super-admin\" or \"admin\"", function () {
         $superAdminUser = User::factory()->superAdmin()->create();
         $adminUser = User::factory()->admin()->create();
+        $user = User::factory()->user()->create();
 
         expect($superAdminUser->canAccessPanel())->toBeTrue();
-        expect($adminUser->canAccessPanel())->toBeFalse();
+        expect($adminUser->canAccessPanel())->toBeTrue();
+        expect($user->canAccessPanel())->toBeFalse();
     });
 });