Couldn’t get permission for the export

- Laravel Version: 9.34
- Nova Version: 4.15.2
- PHP Version: 8.0.22
- Database Driver & Version: PostgreSQL 10
- Operating System and Version: Alpine Linux 3.15
- Browser type and version: Firefox 105.0.1

Model policy:
```php
<?php

namespace App\Policies;

use App\Models\Message;
use App\Models\Permission;
use App\Models\Role;
use App\User;
use Illuminate\Auth\Access\HandlesAuthorization;

class MessagePolicy
{
    use HandlesAuthorization;

    public function viewAny(User $user)
    {
        if ($user->checkRole(Role::ADMIN) || $user->checkRoleAndPermission(Role::CLIENT, Permission::MESSAGE_LIST)) {
            return true;
        }

        return false;
    }

    public function view(User $user)
    {
        if ($user->checkRole(Role::ADMIN) || $user->checkRoleAndPermission(Role::CLIENT, Permission::MESSAGE_DETAILS)) {
            return true;
        }

        return false;
    }

    public function create(User $user)
    {
        return false;
    }

    public function update(User $user)
    {
        return $user->checkRoleAndPermission(Role::ADMIN, Permission::MESSAGE_UPDATE);
    }

    public function delete(User $user)
    {
        return $user->checkRoleAndPermission(Role::ADMIN, Permission::MESSAGE_DELETE);
    }

    public function restore(User $user)
    {
        return $user->checkRoleAndPermission(Role::ADMIN, Permission::MESSAGE_RESTORE);
    }

    public function forceDelete(User $user)
    {
        return false;
    }

    public function runAction(User $user)
    {
        return true;
    }

    public function runDestructiveAction(User $user)
    {
        return true;
    }
}
```

Nova model:
…

```php
/**
 * The relationships that should be eager loaded on index queries.
 *
 * @var array
 */
public static $with = ['routes'];

...

public function actions(NovaRequest $request)
{
    return [
        (new Actions\MessagesExport())->onFailure(function() {
            return Action::danger('Oh dear! I could not create that export for you.');
        })→askForFilename(),
        ExportAsCsv::make()->nameable()
    ];
}
...
```

RoutesPolicy is equal to MessagePolicy
There are 2 roles: Administrator and Client.
Client has no rights for editing or deleting record but has to have possibility to export data.
Export works only with Administrator role. With Client role after click the Export action nothing happens (no request to the server). No errors in the console as well.
I tried to use built-in Nova class ExportAsCsv and library aatwebsite Laravel Nova Excel and got the same result.
The documentation says (https://nova.laravel.com/docs/4.0/resources/authorization.html#undefined-policy-methods) if there is no methods for specific action Nova would use default extension. At the same time, there is a priority of methods (https://nova.laravel.com/docs/4.0/actions/registering-actions.html#authorization-via-resource-policy).
Considering that with Administrator role everything works I can suppose thet priority is broken and action is prohibited based on methods update and delete insted of using methods runAction and runDestructiveAction.
Could you help me with this issue?

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Couldn’t get permission for the export #4940

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Couldn’t get permission for the export #4940

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions