Disable Captcha & Oauth Settings actions when read only

[rmartinoscar]

Closes #1967

I used disabled() instead of authorize() cause i thought the section would look weird if it was completely empty.

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds permission guards to the Settings page to prevent users without 'update settings' permission from executing captcha and OAuth toggle actions. The disabled condition prevents unauthorized access to these actions when users lack the required permission.

Changes

Cohort / File(s)	Summary
Permission Guards for Settings Actions app/Filament/Admin/Pages/Settings.php	Added disabled() conditions to captcha enable, captcha disable, oauth enable, and oauth disable actions to prevent execution when user lacks 'update settings' permission

Pre-merge checks

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title directly and concisely describes the main change: disabling Captcha and OAuth settings actions in read-only mode, which is the core objective of the PR.
Description check	✅ Passed	The description relates to the changeset by explaining the implementation choice (disabled() vs authorize()) and references the linked issue #1967 that this PR addresses.
Linked Issues check	✅ Passed	The PR successfully implements the objective from #1967 by adding permission guards with disabled() to prevent users without update settings permission from interacting with Captcha and OAuth actions.
Out of Scope Changes check	✅ Passed	All changes are scoped to adding disabled() guards on the four relevant actions (captcha enable/disable, oauth enable/disable) as required by issue #1967, with no extraneous modifications.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7c0d53c and f9f38f4.

📒 Files selected for processing (1)

• app/Filament/Admin/Pages/Settings.php (2 hunks)

🧰 Additional context used

🧬 Code graph analysis (1)

app/Filament/Admin/Pages/Settings.php (2)

app/helpers.php (1)

• user (127-130)

app/Models/User.php (1)

• can (357-370)

🔇 Additional comments (2)

app/Filament/Admin/Pages/Settings.php (2)

298-309: LGTM! Captcha actions correctly disabled for read-only users.

The implementation successfully prevents users without 'update settings' permission from triggering captcha enable/disable actions. Both actions are covered, and the permission check is consistent with the application's authorization pattern.

---

571-594: LGTM! OAuth actions correctly disabled for read-only users.

The implementation successfully prevents users without 'update settings' permission from triggering OAuth enable/disable actions. Both actions are covered, including the more complex enable action with its modal and setup steps. The permission check is consistent with the application's authorization pattern.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}