Extending The Package¶
Mental Model¶
This package is an admin integration, not the WebDAV runtime.
The core package owns authentication, storage resolution, path resolution, and request handling. This package owns the Filament resources and the supporting UI workflows around WebDAV account management.
Plugin Configuration¶
Register the plugin per panel:
use N3XT0R\LaravelWebdavServerFilament\LaravelWebdavServerFilamentPlugin;
$panel->plugin(LaravelWebdavServerFilamentPlugin::make());
Admin Resource¶
The admin-facing resource is registered by default. Disable it when the panel should not expose it:
User Resource (self-service)¶
The user-facing resource is disabled by default. Enable it for all authenticated users:
Enable it conditionally based on a callback that receives the authenticated user:
LaravelWebdavServerFilamentPlugin::make()
->userAccountResourceEnabledUsing(
fn (User $user): bool => $user->hasVerifiedEmail()
);
The callback runs on every navigation and page mount check. Keep it fast — avoid database queries inside it unless the result is cached.
The user resource enforces its access check independently of canAccess(), which means it is compatible with Filament
Shield and other authorization packages that extend canAccess().
Password Policy¶
The password validation rules applied to all password fields are controlled via config:
'password' => [
'min_length' => 16,
'require_mixed_case' => true,
'require_numbers' => true,
'require_symbols' => true,
],
All four keys are optional. Omitting a key falls back to the default shown above.
The auto-generated password (via the generate button) uses min_length as its length.
User Resource — Display Options¶
The meta key/value field is hidden on user account forms by default. Enable it when your application uses metadata that end users should be able to manage themselves:
The page descriptions shown on the list and create pages can be translated or overridden by publishing the package
language files and editing the resources.accounts.pages.list.description and
resources.accounts.pages.create.description keys.
User Select Field¶
Customize the user search field in the admin resource:
use Filament\Forms\Components\Select;
LaravelWebdavServerFilamentPlugin::make()
->userSelectUsing(function (Select $select): Select {
return $select->label('Owner');
});
Notifications¶
The package sends Laravel notifications for:
- WebDAV account creation
- WebDAV account password reset
Notifications can be disabled globally:
The notifications use the mail channel. They are standard Laravel notification classes, so applications can extend
the idea with additional channels if needed by publishing and overriding the notification classes.
Lifecycle Events¶
The package dispatches lifecycle events for:
- account created —
WebDavAccountCreatedEvent - account updated —
WebDavAccountUpdatedEvent - account deleted —
WebDavAccountDeletedEvent
All concrete events extend WebDavAccountEvent and expose:
record: the affected WebDAV account modelaction: the lifecycle action string
Listen to a concrete event for a specific workflow:
use N3XT0R\LaravelWebdavServerFilament\Events\WebDavAccountCreatedEvent;
Event::listen(WebDavAccountCreatedEvent::class, function (WebDavAccountCreatedEvent $event): void {
// Create an audit entry.
});
Listen to the base event for generic observability across all lifecycle actions:
use N3XT0R\LaravelWebdavServerFilament\Events\WebDavAccountEvent;
Event::listen(WebDavAccountEvent::class, function (WebDavAccountEvent $event): void {
logger()->info('WebDAV account lifecycle event', [
'action' => $event->action,
'record_id' => $event->record->getKey(),
]);
});
Resource Behavior¶
Admin Resource — Create¶
Creating an account:
- creates the WebDAV account through the core account management service
- links the account to the selected application user
- stores optional metadata
- dispatches lifecycle events
- sends a notification when enabled
The plain password is only available during the create request and is used for notification delivery.
Admin Resource — Edit¶
Editing an account:
- can update username, display name, enabled state, metadata, and password
- cannot change the linked application user after creation
- dispatches lifecycle events after successful persistence
User Resource — Create¶
Creating an account through the user-facing resource:
- automatically links the account to the currently authenticated user
- does not expose a user select field
- otherwise follows the same service and event workflow as the admin resource
User Resource — Edit¶
Editing an account through the user-facing resource:
- supports the same fields as the admin edit page, excluding the user select
- the linked user cannot be changed
View Page (both resources)¶
The view page adds a read-only WebDavUrlInput component. It resolves the URL through the core package WebDavPath
facade and provides a copy action.
Delete¶
Delete actions dispatch lifecycle events after successful deletion. Consumers can use the event record for logging even after the model has been deleted.
Testing Guidance¶
Run PHP and Composer commands inside the Docker PHP container:
docker compose exec php composer test:lint
docker compose exec php vendor/bin/phpunit tests/Feature/Resources/WebDavAccountResourceTest.php
docker compose exec php vendor/bin/phpunit tests/Feature/Resources/UserWebDavAccountResourceTest.php
Prefer targeted tests while developing. Run the full suite only when a change crosses multiple boundaries.
When adding behavior:
- use real Laravel, Filament, Eloquent, and notification behavior
- avoid PHPUnit mocks
- place concrete test-support implementations in
workbench/when needed - update
CHANGELOG.mdfor notable user-facing or developer-facing changes
Contribution Rules¶
Before changing code, read the ADRs: