permission updates

Author: scott grayson

src/Models/LibraryItem.php

@@ -27,17 +27,13 @@ class LibraryItem extends Model implements HasMedia
         'updated_by',
         'external_url',
         'link_description',
-        'inherits_from_parent',
-        'link_role',
-        'link_token',
         'general_access',
     ];
 
     protected $casts = [
         'created_at' => 'datetime',
         'updated_at' => 'datetime',
         'deleted_at' => 'datetime',
-        'inherits_from_parent' => 'boolean',
     ];
 
     /**
@@ -60,19 +56,24 @@ protected static function boot(): void
         });
 
         static::created(function (self $item) {
-            // Creator gets special status - no need to store in permissions table
-            // They can never lose access and are always the creator
+            // Copy parent folder permissions to the new item
+            if ($item->parent_id) {
+                $parentPermissions = $item->parent->resourcePermissions()->get();
+
+                foreach ($parentPermissions as $permission) {
+                    $item->resourcePermissions()->create([
+                        'user_id' => $permission->user_id,
+                        'role' => $permission->role,
+                    ]);
+                }
+            }
         });
 
         static::updating(function (self $item) {
             if ($item->isDirty('name') && ! $item->isDirty('slug')) {
                 $item->slug = static::generateUniqueSlug($item->name, $item->parent_id, $item->id);
             }
 
-            // Generate link token when link_role is set for the first time
-            if ($item->isDirty('link_role') && $item->link_role && !$item->link_token) {
-                $item->link_token = static::generateLinkToken();
-            }
 
             // Set updated_by on updates
             if (auth()->check()) {
@@ -358,6 +359,11 @@ public function getInheritedGeneralAccessDisplay(): ?string
      */
     public function hasPermission($user, string $permission): bool
     {
+        // Admin users always have all permissions
+        if ($user && $user->hasRole('Admin')) {
+            return true;
+        }
+
         $effectiveRole = $this->getEffectiveRole($user);
 
         if (!$effectiveRole) {
@@ -525,17 +531,6 @@ protected static function generateUniqueSlug(string $name, ?int $parentId = null
         return $slug;
     }
 
-    /**
-     * Generate a unique link token for sharing.
-     */
-    protected static function generateLinkToken(): string
-    {
-        do {
-            $token = Str::random(32);
-        } while (static::where('link_token', $token)->exists());
-
-        return $token;
-    }
 
     /**
      * Get the access control options for the general access select.
@@ -545,8 +540,7 @@ public static function getAccessControlOptions(): array
         return [
             'inherit' => 'Inherit from parent',
             'private' => 'Private (owner only)',
-            'link_viewer' => 'Anyone with link — Viewer',
-            'link_editor' => 'Anyone with link — Editor',
+            'anyone_can_view' => 'Anyone can view',
         ];
     }
 
@@ -555,22 +549,17 @@ public static function getAccessControlOptions(): array
      */
     public function getEffectiveAccessControl(): string
     {
-        if (!$this->inherits_from_parent) {
-            if ($this->link_role === 'viewer') {
-                return 'link_viewer';
-            } elseif ($this->link_role === 'editor') {
-                return 'link_editor';
-            } else {
-                return 'private';
-            }
+        // If not inheriting, use the item's own setting
+        if ($this->general_access && $this->general_access !== 'inherit') {
+            return $this->general_access;
         }
 
-        // If inheriting from parent, check parent's setting
+        // If inheriting from parent, check parent's access control
         if ($this->parent_id) {
             return $this->parent->getEffectiveAccessControl();
         }
 
-        // Root level defaults to private
+        // Root level items default to private
         return 'private';
     }
 

src/Resources/Pages/CreatedByMe.php

@@ -34,4 +34,12 @@ public function getSubheading(): ?string
     {
         return 'Files and folders you created';
     }
+
+    public function getBreadcrumbs(): array
+    {
+        return [
+            static::getResource()::getUrl() => 'Library',
+            '' => 'Created by Me',
+        ];
+    }
 }

src/Resources/Pages/EditFile.php

@@ -22,17 +22,28 @@ protected function getHeaderActions(): array
     {
         $actions = [];
 
-        // Add "View Folder" action if we have a parent
+        // Add "Up One Level" action if we have a parent
         if ($this->getRecord()->parent_id) {
-            $actions[] = Action::make('view_folder')
-                ->label('View Folder')
+            $actions[] = Action::make('up_one_level')
+                ->label('Up One Level')
                 ->icon('heroicon-o-arrow-up')
                 ->color('gray')
                 ->url(
                     fn (): string => static::getResource()::getUrl('index', ['parent' => $this->getRecord()->parent_id])
                 );
         }
 
+        // Add "View" action - for folders go to list page, for files/links go to view page
+        $viewUrl = $this->getRecord()->type === 'folder'
+            ? static::getResource()::getUrl('index', ['parent' => $this->getRecord()->id])
+            : static::getResource()::getUrl('view', ['record' => $this->getRecord()->id]);
+
+        $actions[] = Action::make('view')
+            ->label('View')
+            ->icon('heroicon-o-eye')
+            ->color('gray')
+            ->url($viewUrl);
+
         $actions[] = DeleteAction::make()
             ->before(function () {
                 // Store parent_id before deletion
@@ -53,7 +64,6 @@ protected function mutateFormDataBeforeFill(array $data): array
         // Remove fields that shouldn't be editable
         unset($data['type']);
         unset($data['parent_id']);
-        unset($data['created_by']);
 
         // Load the current file into the media input
         $record = $this->getRecord();
@@ -117,6 +127,39 @@ public function form(\Filament\Schemas\Schema $schema): \Filament\Schemas\Schema
                         return $baseText;
                     })
                     ->visible(fn () => $this->getRecord()->hasPermission(auth()->user(), 'share')),
+
+                // Creator select field
+                \Filament\Forms\Components\Select::make('created_by')
+                    ->label('Creator')
+                    ->options(function () {
+                        return \App\Models\User::all()->mapWithKeys(function ($user) {
+                            // Check if 'name' field exists and has a value
+                            if (\Illuminate\Support\Facades\Schema::hasColumn('users', 'name') && $user->name) {
+                                return [$user->id => $user->name . ' (' . $user->email . ')'];
+                            }
+
+                            // Fall back to first_name/last_name if available
+                            if (\Illuminate\Support\Facades\Schema::hasColumn('users', 'first_name') && \Illuminate\Support\Facades\Schema::hasColumn('users', 'last_name')) {
+                                $firstName = $user->first_name ?? '';
+                                $lastName = $user->last_name ?? '';
+                                $fullName = trim($firstName . ' ' . $lastName);
+
+                                if ($fullName) {
+                                    return [$user->id => $fullName . ' (' . $user->email . ')'];
+                                }
+                            }
+
+                            // Fall back to email only
+                            return [$user->id => $user->email];
+                        });
+                    })
+                    ->searchable()
+                    ->preload()
+                    ->disabled(function () {
+                        // Only allow changes if user has library admin access (Admin role)
+                        return !auth()->user()?->hasRole('Admin');
+                    })
+                    ->helperText('Creator receives owner permissions'),
             ]);
     }
 

src/Resources/Pages/EditFolder.php

@@ -26,17 +26,28 @@ protected function getHeaderActions(): array
     {
         $actions = [];
 
-        // Add "View Folder" action if we have a parent
+        // Add "Up One Level" action if we have a parent
         if ($this->getRecord()->parent_id) {
-            $actions[] = Action::make('view_folder')
-                ->label('View Folder')
+            $actions[] = Action::make('up_one_level')
+                ->label('Up One Level')
                 ->icon('heroicon-o-arrow-up')
                 ->color('gray')
                 ->url(
                     fn (): string => static::getResource()::getUrl('index', ['parent' => $this->getRecord()->parent_id])
                 );
         }
 
+        // Add "View" action - for folders go to list page, for files/links go to view page
+        $viewUrl = $this->getRecord()->type === 'folder'
+            ? static::getResource()::getUrl('index', ['parent' => $this->getRecord()->id])
+            : static::getResource()::getUrl('view', ['record' => $this->getRecord()->id]);
+
+        $actions[] = Action::make('view')
+            ->label('View')
+            ->icon('heroicon-o-eye')
+            ->color('gray')
+            ->url($viewUrl);
+
         $actions[] = DeleteAction::make()
             ->before(function () {
                 // Store parent_id before deletion
@@ -57,7 +68,6 @@ protected function mutateFormDataBeforeFill(array $data): array
         // Remove fields that shouldn't be editable
         unset($data['type']);
         unset($data['parent_id']);
-        unset($data['created_by']);
 
         return $data;
     }
@@ -111,6 +121,39 @@ public function form(\Filament\Schemas\Schema $schema): \Filament\Schemas\Schema
                         return $baseText;
                     })
                     ->visible(fn () => $this->getRecord()->hasPermission(auth()->user(), 'share')),
+
+                // Creator select field
+                \Filament\Forms\Components\Select::make('created_by')
+                    ->label('Creator')
+                    ->options(function () {
+                        return \App\Models\User::all()->mapWithKeys(function ($user) {
+                            // Check if 'name' field exists and has a value
+                            if (\Illuminate\Support\Facades\Schema::hasColumn('users', 'name') && $user->name) {
+                                return [$user->id => $user->name . ' (' . $user->email . ')'];
+                            }
+
+                            // Fall back to first_name/last_name if available
+                            if (\Illuminate\Support\Facades\Schema::hasColumn('users', 'first_name') && \Illuminate\Support\Facades\Schema::hasColumn('users', 'last_name')) {
+                                $firstName = $user->first_name ?? '';
+                                $lastName = $user->last_name ?? '';
+                                $fullName = trim($firstName . ' ' . $lastName);
+
+                                if ($fullName) {
+                                    return [$user->id => $fullName . ' (' . $user->email . ')'];
+                                }
+                            }
+
+                            // Fall back to email only
+                            return [$user->id => $user->email];
+                        });
+                    })
+                    ->searchable()
+                    ->preload()
+                    ->disabled(function () {
+                        // Only allow changes if user has library admin access (Admin role)
+                        return !auth()->user()?->hasRole('Admin');
+                    })
+                    ->helperText('Creator receives owner permissions'),
             ]);
     }