Autorisierung

Definiere zwei Gates in App\Providers\AppServiceProvider::boot() fuer Laravel 12+ oder in App\Providers\AuthServiceProvider::boot() fuer Laravel 11 und aelter:

use Illuminate\Support\Facades\Gate;

// Wer auf das Agent-Dashboard zugreifen und Tickets verwalten kann
Gate::define('escalated-agent', fn ($user) =>
    $user->is_agent
);

// Wer auf Admin-Einstellungen zugreifen kann (Abteilungen, SLAs, Regeln usw.)
Gate::define('escalated-admin', fn ($user) =>
    $user->is_admin
);

Gate-Namen sind über config/escalated.php unter authorization.admin_gate und authorization.agent_gate konfigurierbar.

Konfigurieren Sie Lambdas im Initializer:

Escalated.configure do |config|
  config.admin_check = ->(user) { user.admin? }
  config.agent_check = ->(user) { user.agent? || user.admin? }
end

Definieren Sie Callables in Ihren Einstellungen:

ESCALATED = {
    "ADMIN_CHECK": lambda user: user.is_staff,
    "AGENT_CHECK": lambda user: hasattr(user, "is_agent") and user.is_agent,
}

Konfigurieren Sie Autorisierungs-Callbacks in Ihrer Konfiguration:

authorization: {
  isAgent: async (user) => {
    return user.role === 'agent' || user.role === 'admin'
  },
  isAdmin: async (user) => {
    return user.role === 'admin'
  },
}

Definieren Sie zwei Laravel-Gates und referenzieren Sie diese im Filament-Plugin:

Gate::define('escalated-agent', fn ($user) => $user->is_agent);
Gate::define('escalated-admin', fn ($user) => $user->is_admin);

EscalatedFilamentPlugin::make()
    ->agentGate('escalated-agent')
    ->adminGate('escalated-admin')

WordPress verwendet integrierte Rollen und Fähigkeiten. Das Plugin registriert zwei benutzerdefinierte Rollen:

Rolle	Beschreibung
escalated_agent	Kann Tickets anzeigen und verwalten
escalated_admin	Vollzugriff auf Einstellungen, Abteilungen und SLA-Richtlinien

Authorization is handled entirely server-side. The Flutter package sends a Bearer token with each request, and your backend API controls what the authenticated user can access.

There are no client-side gates to define — the mobile app is a customer-facing UI, so agent and admin authorization checks only apply on the web.

Checking Auth State

Use the authProvider to check whether the current user is authenticated:

final authState = ref.watch(authProvider);

if (authState.isAuthenticated) {
  // User is logged in, show ticket list
} else {
  // Show login screen
}

Note: The escalated-agent and escalated-admin gates from your backend still apply to all API requests. The mobile app simply doesn't expose agent or admin views.

Authorization is handled entirely server-side. The React Native package sends a Bearer token with each request, and your backend API controls what the authenticated user can access.

There are no client-side gates to define — the mobile app is a customer-facing UI, so agent and admin authorization checks only apply on the web.

Checking Auth State

Use the useAuth hook to access the current user and authentication status:

import { useAuth } from '@escalated-dev/escalated-react-native';

function ProfileScreen() {
  const { user, isAuthenticated } = useAuth();

  if (!isAuthenticated) {
    return <LoginScreen />;
  }

  return <Text>Welcome, {user.name}</Text>;
}

Note: The escalated-agent and escalated-admin gates from your backend still apply to all API requests. The mobile app simply doesn't expose agent or admin views.