Add “Edit .env” button to Filament top navigation with password confirmation #22

@Devsome

Motivation

Administrators sometimes need to adjust environment configuration (e.g., API keys, database credentials, mail settings) without accessing the server via SSH or FTP. The default .env file is not exposed anywhere in the Filament admin panel. Adding a secure, password‑confirmed editor directly in the top navigation bar will streamline these changes and reduce the need for direct server access.

Proposed solution

  1. Button in the top navbar
    A new icon‑button labeled “Edit .env” (or similar) will be placed in the top navigation bar of the Filament admin panel. It will be visible only to users with the appropriate permission (e.g., super_admin or a dedicated edit-env permission).

  2. Password re‑authentication
    Clicking the button opens a password‑confirmation dialog (like Laravel’s password.confirm middleware behavior). The currently logged‑in admin must re‑enter their password to prove they are authorized to modify environment settings. After successful confirmation, the actual editor modal appears.

  3. Modal with .env editor
    A modal dialog displays the current contents of the .env file (as plain text). The user can edit the text directly. The modal includes “Save” and “Cancel” buttons.

    • Loading: The existing .env is read from disk when the modal opens.
    • Saving: On save, the new content is written back to the .env file.
    • Error handling: If the file is not writable or a write error occurs, a clear error message is shown.

  4. Security considerations

    • Only users with explicit permission can see the button.
    • Password confirmation is required every time the modal is opened (or at least once per session).
    • The environment file should never be cached or logged; only its last saved state is persisted to disk.
    • No command‑line execution (exec, shell_exec) is used – reading and writing happen via PHP’s file functions.

  5. After saving
    A success notification is shown. Optionally, the admin is reminded that some changes may require a cache clear or application restart. A helper hint can be displayed inside the modal (e.g., “Changes take effect after the next request or after clearing config cache.”).

Acceptance criteria

  • A new “Edit .env” navigation item appears in the Filament top bar for permitted users.
  • Clicking it triggers a password confirmation step that matches the logged‑in user’s password.
  • On successful confirmation, a modal opens displaying the current .env content inside an editable textarea.
  • The content is read from the actual .env file on the server at the moment the modal opens.
  • The user can modify the content and click “Save” to write the file.
  • Appropriate success/error notifications are displayed based on the write result.
  • If the file is not writable, a clear error is shown (no crash).
  • The button is hidden from users without the required permission.
  • The feature does not expose any sensitive data outside the admin session.
  • Works on all supported environments (Linux, Windows, shared hosting) provided the .env file is writable by the PHP process.

Out of scope

  • Syntax highlighting or validation of .env content.
  • Automatic cache clearing after save.
  • Version history or backups of the .env file.
  • Support for editing other configuration files.
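
The load, save and error-handling steps described in this issue could look like the following sketch, which is an added example and not code from the issue or the project. The function names, the array return shape and the write-to-temp-file-then-rename strategy are assumptions; it uses only PHP's file functions, never logs the content, and reports failures as messages instead of throwing.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers: names and the array return shape are assumptions.

/** Read the file when the modal opens; failures come back as a message. */
function readEnvFile(string $path): array
{
    if (!is_file($path) || !is_readable($path)) {
        return ['ok' => false, 'content' => null, 'error' => 'The .env file is missing or not readable.'];
    }
    $content = @file_get_contents($path);
    if ($content === false) {
        return ['ok' => false, 'content' => null, 'error' => 'Reading the .env file failed.'];
    }
    return ['ok' => true, 'content' => $content, 'error' => null];
}

/** Save via a temp file in the same directory, then rename over the original. */
function saveEnvFile(string $path, string $content): array
{
    $dir = dirname($path);
    // rename() replaces the directory entry, so the directory must be writable too.
    if (!is_file($path) || !is_writable($path) || !is_writable($dir)) {
        return ['ok' => false, 'error' => 'The .env file is not writable by the PHP process.'];
    }
    $mode = fileperms($path) & 0777;   // keep the existing permission bits
    $tmp = @tempnam($dir, '.env.');    // temp file is created with mode 0600
    if ($tmp === false) {
        return ['ok' => false, 'error' => 'Could not create a temporary file.'];
    }
    // "@" suppresses PHP warnings so failures surface only through the return value.
    $ok = @file_put_contents($tmp, $content) === strlen($content)
        && @chmod($tmp, $mode)
        && @rename($tmp, $path);
    if (!$ok) {
        @unlink($tmp);
        return ['ok' => false, 'error' => 'Writing the .env file failed; the previous file is unchanged.'];
    }
    return ['ok' => true, 'error' => null];
}

// Constructed sample run against a throwaway directory, not a real application.
$dir = sys_get_temp_dir() . '/env-demo-' . bin2hex(random_bytes(4));
mkdir($dir, 0700);
file_put_contents("$dir/.env", "APP_NAME=Demo\nMAIL_HOST=localhost\n");
$loaded = readEnvFile("$dir/.env");
$saved = saveEnvFile("$dir/.env", str_replace('localhost', 'smtp.example.test', $loaded['content']));
echo $saved['ok'] ? "saved\n" : $saved['error'] . "\n";
echo readEnvFile("$dir/missing.env")['error'], "\n";
```

Writing to a temporary file and renaming it means a failed or interrupted save leaves the previous .env in place rather than a truncated one.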

Labels: feature (New feature or request)
