// the find
bezhanSalleh/filament-shield
The easiest and most intuitive way to add access management to your Filament Panel; Resources, Pages & Widgets through `spatie/laravel-permission`
Filament Shield wires spatie/laravel-permission into a Filament admin panel, auto-generating policies, permissions, and a role management UI for Resources, Pages, and Widgets. It's aimed at Laravel devs building multi-role admin panels who want RBAC without writing all the boilerplate themselves. The 4.x rewrite is a clean break from 3.x and is not backward compatible.
- Permission key composition is fully hookable via `buildPermissionKeyUsing`, which cleanly solves the real-world problem of two resources with the same class name in different namespaces generating conflicting permission strings.
- CLI tooling is genuinely useful: `shield:generate` targets individual resources/pages/widgets, `shield:seeder` exports roles with optional password handling, and commands can be individually prohibited in production via `prohibit()` — that last part is a nice safety net.
- 32 language translations included and the localization fallback chain (user file → package defaults → headline conversion) is sensible and doesn't force you to translate everything upfront.
- Test coverage spans permissions, seeder commands, plugin configuration, and tenancy scenarios with dedicated test cases, which is better than most Filament plugins.
- The v3→v4 upgrade is painful: you must manually reconstruct the old permission key format in AppServiceProvider using a fairly gnarly string-manipulation closure just to avoid blowing up existing role assignments. There's no migration helper command.
- No built-in user-role assignment UI — the README punts to 'add a Select component yourself', which is fine for simple cases but leaves tenancy-aware role assignment as copy-paste boilerplate with no guard against getting the pivot values wrong.
- Policy generation overwrites files by default unless `--ignore-existing-policies` is passed, meaning a `shield:generate --all` after customizing a policy will silently destroy your changes if you forget the flag.
- The config file is the primary extension point for things like excluded resources and custom permissions, which means these settings can't vary per-panel in a multi-panel setup without workarounds — the config is global even though Filament panels are not.