Fix: Custom authorization serialization issue (v1.1.3)

AlizHarb · AlizHarb · commit 7542dd3e4d65 · 2025-12-15T06:27:56.000-05:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,14 @@ All notable changes to `filament-activity-log` will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.1.3] - 2025-12-15
+
+### Fixed
+
+- **Custom Authorization Serialization** - Fixed `Your configuration files could not be serialized` error when using `custom_authorization` with config caching.
+  - Added support for Class-Based Authorization (`checkCustomAuthorization` in `ActivityPolicy`).
+  - Updated documentation with examples and troubleshooting steps.
+
 ## [1.1.1] - 2025-12-12
 
 ### Fixed
diff --git a/CONFIGURATION.md b/CONFIGURATION.md
@@ -154,6 +154,34 @@ Use the `custom_authorization` callback to define your own logic:
 ],
 ```
 
+#### Example 5: Class-Based Authorization (Recommended for Config Caching)
+
+If you cache your configuration (`php artisan config:cache`), you cannot use Closures. Instead, use an invokable class:
+
+**config/filament-activity-log.php:**
+
+```php
+'permissions' => [
+    'custom_authorization' => \App\Security\ActivityLogAuthorization::class,
+],
+```
+
+**app/Security/ActivityLogAuthorization.php:**
+
+```php
+namespace App\Security;
+
+use App\Models\User;
+
+class ActivityLogAuthorization
+{
+    public function __invoke(User $user): bool
+    {
+        return $user->id === 1;
+    }
+}
+```
+
 **Important Notes:**
 
 - `custom_authorization` takes **precedence** over the `enabled` setting
@@ -304,6 +332,16 @@ And assign them through Filament Shield's UI.
    },
    ```
 
+### Issue: Configuration serialization error
+
+**Error:** `Your configuration files could not be serialized because the value at "filament-activity-log.permissions.custom_authorization" is non-serializable`
+
+**Solution:**
+
+You are likely running `php artisan config:cache` while using a Closure in your config file. Closures cannot be serialized.
+
+To fix this, switch to **Class-Based Authorization** (see Example 5 above) or remove the config cache if not needed (`php artisan config:clear`).
+
 ---
 
 ## Best Practices
diff --git a/config/filament-activity-log.php b/config/filament-activity-log.php
@@ -208,6 +208,7 @@
          *
          * Example: fn($user) => $user->id === 1
          * Example: fn($user) => $user->hasRole('super_admin')
+         * Example: 'App\Support\ActivityLogAuthorization' (class with __invoke method)
          */
         'custom_authorization' => null,
 
diff --git a/src/Policies/ActivityPolicy.php b/src/Policies/ActivityPolicy.php
@@ -19,6 +19,31 @@ class ActivityPolicy
 {
     use HandlesAuthorization;
 
+    /**
+     * Check for custom authorization.
+     *
+     * @param  User  $user  The authenticated user
+     * @return bool|null Boolean result if custom auth handles it, null otherwise
+     */
+    protected function checkCustomAuthorization(User $user): ?bool
+    {
+        $customAuthorization = config('filament-activity-log.permissions.custom_authorization');
+
+        if (is_callable($customAuthorization)) {
+            return $customAuthorization($user);
+        }
+
+        if (is_string($customAuthorization) && class_exists($customAuthorization)) {
+            $instance = app($customAuthorization);
+            
+            if (is_callable($instance)) {
+                return $instance($user);
+            }
+        }
+
+        return null;
+    }
+
     /**
      * Determine whether the user can view any activities.
      *
@@ -31,9 +56,9 @@ class ActivityPolicy
     public function viewAny(User $user): bool
     {
         // Check for custom authorization callback first
-        $customCallback = config('filament-activity-log.permissions.custom_authorization');
-        if ($customCallback && is_callable($customCallback)) {
-            return $customCallback($user);
+        $result = $this->checkCustomAuthorization($user);
+        if ($result !== null) {
+            return $result;
         }
 
         if (! config('filament-activity-log.permissions.enabled', false)) {
@@ -57,6 +82,12 @@ public function viewAny(User $user): bool
      */
     public function view(User $user, Activity $activity): bool
     {
+        // Check for custom authorization callback first
+        $result = $this->checkCustomAuthorization($user);
+        if ($result !== null) {
+            return $result;
+        }
+
         if (! config('filament-activity-log.permissions.enabled', false)) {
             return true;
         }
@@ -77,6 +108,12 @@ public function view(User $user, Activity $activity): bool
      */
     public function create(User $user): bool
     {
+        // Check for custom authorization callback first
+        $result = $this->checkCustomAuthorization($user);
+        if ($result !== null) {
+            return $result;
+        }
+
         if (! config('filament-activity-log.permissions.enabled', false)) {
             return false;
         }
@@ -98,6 +135,12 @@ public function create(User $user): bool
      */
     public function update(User $user, Activity $activity): bool
     {
+        // Check for custom authorization callback first
+        $result = $this->checkCustomAuthorization($user);
+        if ($result !== null) {
+            return $result;
+        }
+
         if (! config('filament-activity-log.permissions.enabled', false)) {
             return false;
         }
@@ -119,6 +162,12 @@ public function update(User $user, Activity $activity): bool
      */
     public function delete(User $user, Activity $activity): bool
     {
+        // Check for custom authorization callback first
+        $result = $this->checkCustomAuthorization($user);
+        if ($result !== null) {
+            return $result;
+        }
+
         if (! config('filament-activity-log.permissions.enabled', false)) {
             return false;
         }
@@ -140,6 +189,12 @@ public function delete(User $user, Activity $activity): bool
      */
     public function restore(User $user, Activity $activity): bool
     {
+        // Check for custom authorization callback first
+        $result = $this->checkCustomAuthorization($user);
+        if ($result !== null) {
+            return $result;
+        }
+
         if (! config('filament-activity-log.permissions.enabled', false)) {
             return false;
         }
@@ -161,6 +216,12 @@ public function restore(User $user, Activity $activity): bool
      */
     public function forceDelete(User $user, Activity $activity): bool
     {
+        // Check for custom authorization callback first
+        $result = $this->checkCustomAuthorization($user);
+        if ($result !== null) {
+            return $result;
+        }
+
         if (! config('filament-activity-log.permissions.enabled', false)) {
             return false;
         }

Original file line number	Diff line number	Diff line change
`@@ -208,6 +208,7 @@`
`208`	`208`	`*`
`209`	`209`	`* Example: fn($user) => $user->id === 1`
`210`	`210`	`* Example: fn($user) => $user->hasRole('super_admin')`
	`211`	`+ * Example: 'App\Support\ActivityLogAuthorization' (class with __invoke method)`
`211`	`212`	`*/`
`212`	`213`	`'custom_authorization' => null,`
`213`	`214`