授权

? Laravel 12+ ???? App\Providers\AppServiceProvider::boot() ???? gate?? Laravel 11 ????????? App\Providers\AuthServiceProvider::boot() ??:

use Illuminate\Support\Facades\Gate;

// ????????????????
Gate::define('escalated-agent', fn ($user) =>
    $user->is_agent
);

// ????????????SLA????????
Gate::define('escalated-admin', fn ($user) =>
    $user->is_admin
);

门禁名称可在config/escalated.php的authorization.admin_gate和authorization.agent_gate下配置。

在初始化器中配置lambda：

Escalated.configure do |config|
  config.admin_check = ->(user) { user.admin? }
  config.agent_check = ->(user) { user.agent? || user.admin? }
end

在设置中定义callable：

ESCALATED = {
    "ADMIN_CHECK": lambda user: user.is_staff,
    "AGENT_CHECK": lambda user: hasattr(user, "is_agent") and user.is_agent,
}

在配置中设置授权回调：

authorization: {
  isAgent: async (user) => {
    return user.role === 'agent' || user.role === 'admin'
  },
  isAdmin: async (user) => {
    return user.role === 'admin'
  },
}

定义两个Laravel门禁，然后在Filament插件中引用它们：

Gate::define('escalated-agent', fn ($user) => $user->is_agent);
Gate::define('escalated-admin', fn ($user) => $user->is_admin);

EscalatedFilamentPlugin::make()
    ->agentGate('escalated-agent')
    ->adminGate('escalated-admin')

WordPress使用内置的角色和权限。插件注册了两个自定义角色：

角色	说明
escalated_agent	可以查看和管理工单
escalated_admin	对设置、部门和SLA策略拥有完全访问权限

Authorization is handled entirely server-side. The Flutter package sends a Bearer token with each request, and your backend API controls what the authenticated user can access.

There are no client-side gates to define — the mobile app is a customer-facing UI, so agent and admin authorization checks only apply on the web.

Checking Auth State

Use the authProvider to check whether the current user is authenticated:

final authState = ref.watch(authProvider);

if (authState.isAuthenticated) {
  // User is logged in, show ticket list
} else {
  // Show login screen
}

Note: The escalated-agent and escalated-admin gates from your backend still apply to all API requests. The mobile app simply doesn't expose agent or admin views.

Authorization is handled entirely server-side. The React Native package sends a Bearer token with each request, and your backend API controls what the authenticated user can access.

There are no client-side gates to define — the mobile app is a customer-facing UI, so agent and admin authorization checks only apply on the web.

Checking Auth State

Use the useAuth hook to access the current user and authentication status:

import { useAuth } from '@escalated-dev/escalated-react-native';

function ProfileScreen() {
  const { user, isAuthenticated } = useAuth();

  if (!isAuthenticated) {
    return <LoginScreen />;
  }

  return <Text>Welcome, {user.name}</Text>;
}

Note: The escalated-agent and escalated-admin gates from your backend still apply to all API requests. The mobile app simply doesn't expose agent or admin views.