Authorization & policies

The Media Library uses a flexible authorization model that lets you control which users can perform which operations on files and folders. If you are upgrading from V3, your existing policies are automatically detected and bridged – no migration is required.

The V4 authorization model is built around FileAbility – an enum that represents every operation a user can perform on a file or folder. The available abilities are:

| Ability | Description |
| --- | --- |
| `FileAbility::Create` | Upload a new file or create a folder. |
| `FileAbility::View` | View a file or folder. |
| `FileAbility::Update` | Edit metadata. |
| `FileAbility::Rename` | Rename a file or folder. |
| `FileAbility::Delete` | Delete a file or folder. |
| `FileAbility::Download` | Download a file. |
| `FileAbility::Duplicate` | Duplicate a file or folder. |
| `FileAbility::Move` | Move a file or folder. |
| `FileAbility::Preview` | Open the file preview. |
| `FileAbility::Replace` | Replace the underlying file binary. |

Authorization is evaluated by one or more callbacks registered on the plugin via `->authorizeUsing()`. Each callback receives the ability, the authenticated user, the subject (a `FileData`, a `Collection` of `FileData`, a `FileType`, or `null` for context-free checks) and an optional context `FileData`. A callback returns `true`/`null` to allow, or `false` to deny. The first callback that returns `false` stops evaluation and denies the request; if all callbacks return `null`, the operation is allowed. In other words, the model is allow-by-default: an operation is only blocked when some callback explicitly returns `false` for it.

To authorize file and folder operations, call ->authorizeUsing() on the plugin in your panel provider and pass a closure. The closure receives four arguments:

| Argument | Description |
| --- | --- |
| `FileAbility $ability` | The operation being attempted. |
| `?Authenticatable $user` | The authenticated user, or `null` for guests. |
| `FileType\|FileData\|Collection\|null $subject` | The target of the operation. |
| `?FileData $context` | Additional context (for example, the destination folder when creating). |

Return false to deny the operation, or null (or nothing) to pass through to the next callback.

app/Providers/Filament/AdminPanelProvider.php

```php
use RalphJSmit\Filament\MediaLibrary\FilamentMediaLibrary;
use RalphJSmit\Filament\Explore\Authorization\FileAbility;
use RalphJSmit\Filament\Explore\Data\FileData;
use Illuminate\Contracts\Auth\Authenticatable;

$panel->plugin(
    FilamentMediaLibrary::make()
        ->authorizeUsing(function (FileAbility $ability, ?Authenticatable $user, mixed $subject): ?bool {
            // Deny deletes for anyone who is not an admin. Guests are denied too,
            // because $user is null and $user?->isAdmin() evaluates to null.
            if ($ability === FileAbility::Delete && ! $user?->isAdmin()) {
                return false;
            }

            // No decision for any other ability: pass through to the next callback.
            return null;
        }),
);
```

You can register multiple ->authorizeUsing() callbacks on the same plugin instance – they are evaluated in the order they were registered. The first callback to return false denies the operation immediately; all others are skipped.

app/Providers/Filament/AdminPanelProvider.php

```php
FilamentMediaLibrary::make()
    ->authorizeUsing($this->authorizeViewsForGuests(...))
    ->authorizeUsing($this->authorizeDeletesForAdmins(...))
```
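
An added example, not code from the plugin or its documentation: a stand-alone PHP 8.1+ model of the callback chain described above, showing that one narrow rule leaves every other ability allowed and that a final allowlist callback makes the chain deny-by-default. `Ability`, `isAllowed()` and the array-shaped users are stand-ins assumed for illustration; in a panel the two closures would take `FileAbility` and be passed to `->authorizeUsing()` in this order.

```php
<?php
// Stand-alone model of the documented callback chain (PHP 8.1+).
// Ability stands in for FileAbility; users are plain arrays (constructed data).

enum Ability { case View; case Preview; case Download; case Delete; case Replace; }

// Model of the documented rule: the first false denies, otherwise allowed.
// The callbacks in this example only ever return null or false.
function isAllowed(array $callbacks, Ability $ability, ?array $user): bool
{
    foreach ($callbacks as $callback) {
        if ($callback($ability, $user) === false) {
            return false; // later callbacks are skipped
        }
    }

    return true; // nobody denied, so the operation goes through
}

// Same rule as the page's example: only admins may delete.
$deletesForAdmins = fn (Ability $a, ?array $u): ?bool =>
    $a === Ability::Delete && ! ($u['admin'] ?? false) ? false : null;

// Terminal allowlist: anything not listed for the caller's role is denied.
$denyByDefault = function (Ability $a, ?array $u): ?bool {
    $allowed = match (true) {
        $u === null => [Ability::View, Ability::Preview],
        ($u['admin'] ?? false) => Ability::cases(),
        default => [Ability::View, Ability::Preview, Ability::Download],
    };

    return in_array($a, $allowed, true) ? null : false;
};

$guest = null;               // constructed sample users
$editor = ['admin' => false];

// Only the delete rule registered: a guest replacing a file is never denied.
var_dump(isAllowed([$deletesForAdmins], Ability::Replace, $guest));
// Allowlist registered last: the same request is now denied.
var_dump(isAllowed([$deletesForAdmins, $denyByDefault], Ability::Replace, $guest));
// A signed-in non-admin may still download.
var_dump(isAllowed([$deletesForAdmins, $denyByDefault], Ability::Download, $editor));
```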

The $subject is typed as FileType|FileData|Collection|null. A Collection is passed for bulk operations. Check the type with instanceof before casting.

If you are upgrading from V3 and already have a MediaLibraryItemPolicy and/or MediaLibraryFolderPolicy registered in Laravel's Gate, you do not need to rewrite them. The Media Library automatically detects these policies on boot and bridges them to the V4 FileAbility model via the built-in LegacyPolicyAuthorization adapter.

How the bridge activates – during the plugin's boot() phase, it checks whether MediaLibraryItem or MediaLibraryFolder (or both) have a policy registered via Laravel's Gate. If at least one is found, a LegacyPolicyAuthorization callback is registered on the plugin via ->authorizeUsing(). If neither is registered, the bridge is skipped entirely. No configuration is required on your part – just keep your existing policies registered in your AuthServiceProvider.

Ability mapping – the bridge translates each FileAbility case to a policy method as follows.

For MediaLibraryItem (files):

| `FileAbility` | Policy method |
| --- | --- |
| `View`, `Preview`, `Download` | `view` |
| `Update`, `Rename` | `update` |
| `Delete` | `delete` |
| `Move` | `move` (falls back to `update` if absent) |
| `Replace` | `replace` |
| `Duplicate` | `duplicate` (falls back to `create` on the parent folder) |
| `Create` | `create` with the parent `MediaLibraryFolder` (or `null`) |

For MediaLibraryFolder (folders):

| `FileAbility` | Policy method |
| --- | --- |
| `View` | `view` |
| `Update`, `Rename` | `update` |
| `Delete` | `delete` |
| `Move` | `move` (falls back to `update` if absent) |
| `Duplicate` | `duplicate` → `move` → `update` (first found) |
| `Create` | `create` with the parent `MediaLibraryFolder` (or `null`) |

Abilities with no mapping for a given model type return null (pass-through), so the operation is not blocked unless another callback denies it.

Bulk operations – the bridge checks each item individually. If any single item is denied, the entire bulk action is denied.

Partial policies – you don't need to register both policies. If you only have a MediaLibraryItemPolicy, folder operations are not evaluated by the bridge (and vice versa). Each policy is checked independently.

That's everything you need to control access to the Media Library. Use ->authorizeUsing() on the plugin for fresh V4 setups, or rely on the automatic legacy-policy bridge if you are upgrading from V3 with existing policies.

For the full upgrade checklist, see the upgrade guide.

© FilamentPlugins.com ✦ 2022 – 2026