Skip to content

Cleanup, fix and expand various relation managers and lists#2456

Open
Boy132 wants to merge 5 commits into
mainfrom
boy132/random-stuff
Open

Cleanup, fix and expand various relation managers and lists#2456
Boy132 wants to merge 5 commits into
mainfrom
boy132/random-stuff

Conversation

@Boy132

@Boy132 Boy132 commented Jul 16, 2026

Copy link
Copy Markdown
Member

A bunch of smaller changes that improve our relation managers and lists.
This also includes fixes for actions and authorize checks.

@Boy132 Boy132 self-assigned this Jul 16, 2026
@coderabbitai

coderabbitai Bot commented Jul 16, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: f28dc7cc-88c0-4557-a123-f4e4c90669f4

📥 Commits

Reviewing files that changed from the base of the PR and between 2c02dc6 and 0d7a5ae.

📒 Files selected for processing (1)
  • app/Filament/Admin/Resources/Nodes/RelationManagers/ServersRelationManager.php

📝 Walkthrough

Walkthrough

Filament admin tables and relation managers now use authorization-aware edit links, shared console actions, revised allocation controls, updated icons and headings, and additional sorting, searching, and column visibility behavior.

Changes

Admin UI behavior

Layer / File(s) Summary
Shared actions and presentation
app/Filament/Components/Actions/ViewConsoleAction.php, app/Providers/Filament/FilamentServiceProvider.php, lang/en/admin/*
Adds the reusable console action, configures shared Filament actions and select rendering, and adds related translations.
Permission-aware server navigation
app/Filament/Admin/Resources/{Servers,Nodes,Users,Eggs}/..., app/Filament/Admin/Resources/DatabaseHosts/...
Replaces hardcoded edit routes with Filament page URL helpers guarded by update permissions, and adds console actions to server records.
Allocation management controls
app/Filament/Admin/Resources/{Nodes,Servers}/RelationManagers/AllocationsRelationManager.php
Updates allocation columns, icons, authorization checks, conditional deletion, and create/associate actions.
Table search and column behavior
app/Filament/Admin/Resources/Eggs/Pages/ListEggs.php, app/Filament/Admin/Resources/Nodes/Pages/ListNodes.php, app/Filament/Admin/Resources/Users/UserResource.php
Adjusts searchable and sortable behavior, removes the hidden egg ID column, and updates user table sorting.

Sequence Diagram(s)

sequenceDiagram
  actor Admin
  participant FilamentTable
  participant ViewConsoleAction
  participant Server
  Admin->>FilamentTable: select server action
  FilamentTable->>ViewConsoleAction: resolve server
  ViewConsoleAction->>Server: verify tenant access and build console URL
  Server-->>Admin: provide console URL
Loading

Possibly related PRs

  • pelican-dev/panel#1768: Introduces the global user() helper used by the permission-gated URL and action logic.
  • pelican-dev/panel#2050: Updates registration and usage of the server database relation manager touched by this change.
🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 20.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title matches the PR scope by naming relation managers and lists, though it is broad.
Description check ✅ Passed The description is on-topic and matches the PR's focus on relation managers, lists, actions, and authorization checks.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (3)
app/Filament/Admin/Resources/Servers/Pages/ListServers.php (1)

74-85: 🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

Fix global hidden toggle and address TODO.

The hidden() method on table columns is evaluated globally per-table, meaning it doesn't receive a specific $server instance to check permissions against. Toggling between two columns based on a global permission breaks if permissions vary per record.

To evaluate permissions per-record (resolving the TODO), consolidate this into a single SelectColumn and use the disabled() method instead. Additionally, the PR summary mentions disabling native select behavior, so you should append ->native(false) to finalize that objective.

💡 Proposed fix
                 SelectColumn::make('allocation_id')
                     ->label(trans('admin/server.primary_allocation'))
-                    ->hidden(fn () => !user()?->can('update server')) // TODO: update to policy check (fn (Server $server) --> $server is empty)
-                    ->disabled(fn (Server $server) => $server->allocations->count() <= 1)
+                    ->disabled(fn (Server $server) => !user()?->can('update', $server) || $server->allocations->count() <= 1)
                     ->options(fn (Server $server) => $server->allocations->mapWithKeys(fn ($allocation) => [$allocation->id => $allocation->address]))
                     ->selectablePlaceholder(fn (Server $server) => $server->allocations->count() <= 1)
                     ->placeholder(trans('admin/server.none'))
+                    ->native(false)
                     ->sortable(),
-                TextColumn::make('allocation_id_readonly')
-                    ->label(trans('admin/server.primary_allocation'))
-                    ->hidden(fn () => user()?->can('update server')) // TODO: update to policy check (fn (Server $server) --> $server is empty)
-                    ->state(fn (Server $server) => $server->allocation->address ?? trans('admin/server.none')),
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@app/Filament/Admin/Resources/Servers/Pages/ListServers.php` around lines 74 -
85, Replace the paired allocation columns with a single SelectColumn for
allocation_id; remove the global hidden callbacks and readonly TextColumn, and
use the record-aware disabled callback to prevent editing when the current
Server cannot be updated while preserving the existing allocation options and
placeholder behavior. Append native(false) to the SelectColumn configuration.
app/Filament/Admin/Resources/Servers/RelationManagers/AllocationsRelationManager.php (1)

116-126: 🗄️ Data Integrity & Integration | 🔴 Critical | ⚡ Quick win

Prevent mass updating all unassigned allocations globally.

The after closure for DissociateBulkAction executes an unrestricted update query: Allocation::whereNull('server_id')->update(...). This will unintentionally wipe out the notes and unlock every unassigned allocation in the entire database, not just the specific allocations that were selected for dissociation.

To affect only the selected records, accept the $records collection in the closure and scope the update explicitly to those IDs.

💡 Proposed fix
                 DissociateBulkAction::make()
-                    ->after(function () {
-                        Allocation::whereNull('server_id')->update([
+                    ->after(function (\Illuminate\Database\Eloquent\Collection $records) {
+                        Allocation::whereIn('id', $records->pluck('id'))->update([
                             'notes' => null,
                             'is_locked' => false,
                         ]);
 
                         if (!$this->getOwnerRecord()->allocation_id) {
                             $this->getOwnerRecord()->update(['allocation_id' => $this->getOwnerRecord()->allocations()->first()?->id]);
                         }
                     }),
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@app/Filament/Admin/Resources/Servers/RelationManagers/AllocationsRelationManager.php`
around lines 116 - 126, Update the DissociateBulkAction after closure to accept
the selected $records collection and restrict the Allocation update to those
records’ IDs while retaining the existing notes and is_locked values. Remove the
global whereNull-only update, and preserve the owner allocation_id fallback
logic.
app/Filament/Admin/Resources/Nodes/RelationManagers/AllocationsRelationManager.php (1)

115-136: 🎯 Functional Correctness | 🔴 Critical | ⚡ Quick win

Incorrect Action classes used in Form Schemas.

Both files incorrectly reuse the Table Action namespace inside the Create form schema. In Filament, actions passed to form methods like hintAction and suffixAction MUST be instances of Filament\Forms\Components\Actions\Action. Using Filament\Tables\Actions\Action (or Page Actions) inside a form component will result in a TypeError.

To fix this, alias the Form Action in your imports (e.g., use Filament\Forms\Components\Actions\Action as FormAction;) and update the schemas:

  • app/Filament/Admin/Resources/Nodes/RelationManagers/AllocationsRelationManager.php#L115-L136: Change Action::make('hint_refresh') and Action::make('custom_ip') to FormAction::make(...).
  • app/Filament/Admin/Resources/Servers/RelationManagers/AllocationsRelationManager.php#L142-L161: Change Action::make('refresh') and Action::make('custom_ip') to FormAction::make(...).
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@app/Filament/Admin/Resources/Nodes/RelationManagers/AllocationsRelationManager.php`
around lines 115 - 136, Replace the table/page Action import with an aliased
Filament form action in both allocation relation managers. In
app/Filament/Admin/Resources/Nodes/RelationManagers/AllocationsRelationManager.php
lines 115-136, use FormAction for hint_refresh and custom_ip; likewise in
app/Filament/Admin/Resources/Servers/RelationManagers/AllocationsRelationManager.php
lines 142-161, use FormAction for refresh and custom_ip.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In
`@app/Filament/Admin/Resources/Nodes/RelationManagers/AllocationsRelationManager.php`:
- Around line 14-16: Replace the Filament\Actions imports used by the relation
manager’s recordActions and toolbarActions with the corresponding
Filament\Tables\Actions equivalents, including Action, CreateAction, and
DeleteAction. Leave the table configuration behavior unchanged.

In
`@app/Filament/Admin/Resources/Nodes/RelationManagers/ServersRelationManager.php`:
- Around line 40-44: Update the name column’s URL callback in the
ServersRelationManager to authorize and link to the server’s edit page using the
server record and its edit-page URL, rather than the node’s EditNode URL.
Preserve the existing permission check and null URL behavior when unauthorized.

---

Outside diff comments:
In
`@app/Filament/Admin/Resources/Nodes/RelationManagers/AllocationsRelationManager.php`:
- Around line 115-136: Replace the table/page Action import with an aliased
Filament form action in both allocation relation managers. In
app/Filament/Admin/Resources/Nodes/RelationManagers/AllocationsRelationManager.php
lines 115-136, use FormAction for hint_refresh and custom_ip; likewise in
app/Filament/Admin/Resources/Servers/RelationManagers/AllocationsRelationManager.php
lines 142-161, use FormAction for refresh and custom_ip.

In `@app/Filament/Admin/Resources/Servers/Pages/ListServers.php`:
- Around line 74-85: Replace the paired allocation columns with a single
SelectColumn for allocation_id; remove the global hidden callbacks and readonly
TextColumn, and use the record-aware disabled callback to prevent editing when
the current Server cannot be updated while preserving the existing allocation
options and placeholder behavior. Append native(false) to the SelectColumn
configuration.

In
`@app/Filament/Admin/Resources/Servers/RelationManagers/AllocationsRelationManager.php`:
- Around line 116-126: Update the DissociateBulkAction after closure to accept
the selected $records collection and restrict the Allocation update to those
records’ IDs while retaining the existing notes and is_locked values. Remove the
global whereNull-only update, and preserve the owner allocation_id fallback
logic.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 14b6d7bf-3972-4d7e-a316-b66ddc9c279e

📥 Commits

Reviewing files that changed from the base of the PR and between 1f2ff09 and b54e4a8.

📒 Files selected for processing (15)
  • app/Filament/Admin/Resources/DatabaseHosts/RelationManagers/DatabasesRelationManager.php
  • app/Filament/Admin/Resources/Eggs/Pages/ListEggs.php
  • app/Filament/Admin/Resources/Eggs/RelationManagers/ServersRelationManager.php
  • app/Filament/Admin/Resources/Nodes/Pages/ListNodes.php
  • app/Filament/Admin/Resources/Nodes/RelationManagers/AllocationsRelationManager.php
  • app/Filament/Admin/Resources/Nodes/RelationManagers/ServersRelationManager.php
  • app/Filament/Admin/Resources/Servers/Pages/ListServers.php
  • app/Filament/Admin/Resources/Servers/RelationManagers/AllocationsRelationManager.php
  • app/Filament/Admin/Resources/Servers/RelationManagers/DatabasesRelationManager.php
  • app/Filament/Admin/Resources/Users/RelationManagers/ServersRelationManager.php
  • app/Filament/Admin/Resources/Users/UserResource.php
  • app/Filament/Components/Actions/ViewConsoleAction.php
  • app/Providers/Filament/FilamentServiceProvider.php
  • lang/en/admin/node.php
  • lang/en/admin/server.php
💤 Files with no reviewable changes (1)
  • app/Filament/Admin/Resources/Nodes/Pages/ListNodes.php

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In
`@app/Filament/Admin/Resources/Nodes/RelationManagers/ServersRelationManager.php`:
- Line 41: Update the URL callback in the ServersRelationManager table
configuration to pass the defined $server variable to the user()->can('update',
...) authorization check, while preserving the existing EditServer URL and null
behavior.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 0605b1ff-0eab-4a3b-90aa-9b38e5d3b5e6

📥 Commits

Reviewing files that changed from the base of the PR and between 721eed0 and 2c02dc6.

📒 Files selected for processing (1)
  • app/Filament/Admin/Resources/Nodes/RelationManagers/ServersRelationManager.php

Comment thread app/Filament/Admin/Resources/Nodes/RelationManagers/ServersRelationManager.php Outdated
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants