Roles & Permissions

@can('roles.manage') Create New Role @endcan
@if (($tab ?? 'list') === 'permissions')
@php
    $term = trim((string) ($permissionSearch ?? ''));
    $guides = (array) config('rbac_guide.permissions', []);

    // Drop unnamed entries, then keep permissions whose name, label or summary contains the search term.
    $filtered = collect($permissions ?? [])
        ->filter(fn ($p) => $p && trim((string) ($p->name ?? '')) !== '')
        ->filter(function ($p) use ($term, $guides) {
            $name = (string) $p->name;
            $label = \App\Helpers\RbacLabelHelper::permission($name);
            $summary = (string) (($guides[$name]['summary'] ?? '') ?: '');
            if ($term === '') {
                return true;
            }
            $hay = mb_strtolower($name.' '.$label.' '.$summary);
            $needle = mb_strtolower($term);

            return str_contains($hay, $needle);
        })
        ->values();

    // Group by the prefix before the first dot of the permission name.
    $grouped = $filtered->groupBy(function ($p) {
        $name = (string) $p->name;
        $parts = explode('.', $name);

        return (string) ($parts[0] ?? 'other');
    })->sortKeys();
@endphp
Permission Guide
The list of permissions is shown below. Use search to narrow the results.
Sensitive data = customer/member personal data (e.g. phone number)
Financial = affects transaction amounts/stock
System = settings & access control
@if ($grouped->isNotEmpty())
@foreach ($grouped as $groupKey => $items) {{ \App\Helpers\RbacLabelHelper::permissionGroup((string) $groupKey) }} @endforeach
@endif
@forelse ($grouped as $groupKey => $items)
{{ \App\Helpers\RbacLabelHelper::permissionGroup((string) $groupKey) }}
{{ $items->count() }} permissions
@foreach ($items as $perm)
@php
    // Guide metadata for this permission; every key is optional and defaults to empty.
    $name = (string) $perm->name;
    $guide = (array) ($guides[$name] ?? []);
    $risk = (array) ($guide['risk'] ?? []);
    $grants = (array) ($guide['grants'] ?? []);
    $notGrants = (array) ($guide['not_grants'] ?? []);
    $areas = (array) ($guide['affected_areas'] ?? []);
    $related = (array) ($guide['related_permissions'] ?? []);
@endphp
{{ \App\Helpers\RbacLabelHelper::permission($name) }}
@if ((bool) ($risk['sensitive_data'] ?? false)) Sensitive data @endif @if ((bool) ($risk['financial_risk'] ?? false)) Financial @endif @if ((bool) ($risk['system_risk'] ?? false)) System @endif
Summary
{{ (string) ($guide['summary'] ?? '-') }}
Affected Areas
@if ($areas !== [])
    @foreach ($areas as $a)
  • {{ $a }}
    @endforeach
@else
-
@endif
What It Allows
@if ($grants !== [])
    @foreach ($grants as $g)
  • {{ $g }}
    @endforeach
@else
-
@endif
What It Does Not Grant
@if ($notGrants !== [])
    @foreach ($notGrants as $ng)
  • {{ $ng }}
    @endforeach
@else
-
@endif
Related Permissions
@if ($related !== [])
@foreach ($related as $r) {{ \App\Helpers\RbacLabelHelper::permission((string) $r) }} @endforeach
@else
-
@endif
@endforeach
@empty
No permissions match the search.
@endforelse
@elseif (($tab ?? 'list') === 'guide')
@php
    $approvalPermissions = ['transactions.void.approve', 'transactions.refund.approve'];
@endphp

Role design principles

A role is a set of permissions. Role names can be adapted to your business SOPs.
  1. Define the job description (cashier, inventory, manager, accounting).
  2. Grant minimal access first, then add more gradually as needed.
  3. Separate sensitive access: personal data (PII), void/refund approval, and system settings.
  4. Test the role with a dummy account: open the menus, try the important actions, and make sure it matches the SOP.
For details on the impact of each permission, use the Permission Guide tab.
Roles with void/refund approval access should use accounts with a Manager PIN and trained users.

Roles in your system

The summary below is computed from the permissions each role currently holds.
@foreach ($guideRoles as $role)
@php
    $name = (string) $role->name;

    // Badges: approval permissions require a Manager PIN; PII permissions expose personal data.
    $needsPin = method_exists($role, 'hasAnyPermission') ? $role->hasAnyPermission($approvalPermissions) : false;
    $hasPii = method_exists($role, 'hasAnyPermission') ? $role->hasAnyPermission(['transactions.pii.view', 'members.pii.view']) : false;

    $permList = method_exists($role, 'permissions') ? $role->permissions->pluck('name')->map(fn ($p) => (string) $p)->all() : [];
    $has = fn (string $p) => in_array($p, $permList, true);
    $hasAny = function (array $ps) use ($permList): bool {
        foreach ($ps as $p) {
            if (in_array((string) $p, $permList, true)) {
                return true;
            }
        }

        return false;
    };

    // Build the capability summary shown for this role (UI strings are kept as in the application).
    $capabilities = [];
    if ($has('pos.access')) {
        $capabilities[] = 'Akses POS'; // POS access
    }
    if ($hasAny(['transactions.view', 'transactions.details', 'transactions.print'])) {
        $capabilities[] = 'Akses transaksi (lihat/detail/cetak sesuai izin)'; // Transaction access (view/detail/print as permitted)
    }
    if ($hasAny(['transactions.void', 'transactions.refund'])) {
        $capabilities[] = 'Koreksi transaksi (void/refund sesuai izin)'; // Transaction correction (void/refund as permitted)
    }
    if ($hasAny($approvalPermissions)) {
        $capabilities[] = 'Approval koreksi transaksi'; // Transaction correction approval
    }
    if ($hasAny(['members.view', 'members.create', 'members.edit', 'members.delete'])) {
        $capabilities[] = 'Akses member'; // Member access
    }
    if ($hasAny(['reports.view', 'reports.sales', 'reports.performance'])) {
        $capabilities[] = 'Akses laporan'; // Report access
    }
    if ($hasAny(['inventory.view', 'inventory.manage'])) {
        $capabilities[] = 'Akses inventory'; // Inventory access
    }
    if ($hasAny(['users.view', 'users.create', 'users.edit', 'users.delete'])) {
        $capabilities[] = 'Manajemen pengguna'; // User management
    }
    if ($hasAny(['roles.view', 'roles.manage'])) {
        $capabilities[] = 'Manajemen peran & hak akses'; // Role & permission management
    }
    if ($hasAny(['settings.view', 'settings.edit'])) {
        $capabilities[] = 'Akses pengaturan'; // Settings access
    }
@endphp
{{ \App\Helpers\RbacLabelHelper::role($name) }}
{{ $role->permissions->count() }} permissions
@if ($needsPin) PIN required @endif @if ($hasPii) Personal Data (PII) Access @endif
@if ($capabilities !== [])
    @foreach ($capabilities as $cap)
  • {{ $cap }}
    @endforeach
@else

This role has no permissions yet or is reserved for special needs.

@endif
@endforeach
@else
Role Name | Number of Users | Number of Permissions | Actions
@forelse ($roles as $role)
{{ \App\Helpers\RbacLabelHelper::role((string) $role->name) }} | {{ $role->users_count }} | {{ $role->permissions_count }} | @can('roles.manage') Edit @if($role->name !== 'owner') @endif @endcan
@empty
No role data.
@endforelse
{{ $roles->links('livewire.pagination.admin') }}
@endif
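
The guide tab's third principle (keep PII, void/refund approval and system settings apart) can be checked mechanically before a role goes live. The script below is an added example, not part of this application's code: it uses the permission names that appear in the template, while the `system` class mapping, the `owner` exemption, the `auditRoles` helper and the sample roles are assumptions constructed for illustration.

```php
<?php
// Added example (not the application's code). Permission names are taken from
// the template above; the class grouping and the sample roles are constructed.

const SENSITIVE_CLASSES = [
    'pii'      => ['transactions.pii.view', 'members.pii.view'],
    'approval' => ['transactions.void.approve', 'transactions.refund.approve'],
    // Assumption: "system" is read as settings edits plus role management.
    'system'   => ['settings.edit', 'roles.manage'],
];

/**
 * Report which sensitive classes each role holds and flag roles mixing several.
 *
 * @param array<string, string[]> $roles  role name => permission names
 * @param string[]                $exempt roles allowed to hold everything (assumption)
 */
function auditRoles(array $roles, array $exempt = ['owner']): array
{
    $report = [];
    foreach ($roles as $role => $perms) {
        $classes = [];
        foreach (SENSITIVE_CLASSES as $class => $members) {
            if (array_intersect($members, $perms) !== []) {
                $classes[] = $class;
            }
        }
        $report[$role] = [
            'classes'   => $classes,
            'needs_pin' => in_array('approval', $classes, true),
            'mixed'     => count($classes) > 1 && !in_array($role, $exempt, true),
        ];
    }
    return $report;
}

// Constructed sample roles for the dry run.
$roles = [
    'cashier'    => ['pos.access', 'transactions.view', 'transactions.void'],
    'supervisor' => ['transactions.view', 'transactions.void.approve', 'members.pii.view'],
    'owner'      => ['transactions.refund.approve', 'members.pii.view', 'settings.edit', 'roles.manage'],
];

foreach (auditRoles($roles) as $role => $r) {
    printf("%-11s classes=[%s] pin=%s %s\n", $role, implode(',', $r['classes']),
        $r['needs_pin'] ? 'yes' : 'no', $r['mixed'] ? 'REVIEW: mixes sensitive classes' : 'ok');
}
```

In a real deployment the `$roles` map would be built from each role's permission names rather than typed by hand, and a role flagged for review is a prompt to split it or to document why the combination is accepted.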