From 24bea56ec9cf841e632f1be48847d09664da06ae Mon Sep 17 00:00:00 2001
From: Cole Shirley <84236864+coleshirley@users.noreply.github.com>
Date: Wed, 23 Oct 2024 14:22:47 -0500
Subject: [PATCH 1/3] add warning about shouldRegisterNavigation method

---
 packages/panels/docs/06-navigation.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/packages/panels/docs/06-navigation.md b/packages/panels/docs/06-navigation.md
index a989a40de43..03c3ac2fa42 100644
--- a/packages/panels/docs/06-navigation.md
+++ b/packages/panels/docs/06-navigation.md
@@ -299,6 +299,8 @@ public static function shouldRegisterNavigation(): bool
 
 Please note that these methods do not control direct access to the resource or page. They only control whether the resource or page will show up in the navigation. If you want to also control access, then you should use [resource authorization](resources/getting-started#authorization) or [page authorization](pages#authorization).
 
+> The `shouldRegisterNavigation` method is called whether or not there is a currently authenticated user. If you are checking user permissions in this method you should always make sure to check if there is also a currently authenticated user. I.e `auth()->check() && auth()->user()->can('viewAny', Blog::class)`
+
 ## Using top navigation
 
 By default, Filament will use a sidebar navigation. You may use a top navigation instead by using the [configuration](configuration):

From ca3f13b4869aed50fbfa2200371a36a59a838d66 Mon Sep 17 00:00:00 2001
From: Cole Shirley <84236864+coleshirley@users.noreply.github.com>
Date: Wed, 23 Oct 2024 14:26:03 -0500
Subject: [PATCH 2/3] add canAccess method warning

---
 packages/panels/docs/04-pages.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/packages/panels/docs/04-pages.md b/packages/panels/docs/04-pages.md
index 3911e0d4b8d..d1b0f97cb06 100644
--- a/packages/panels/docs/04-pages.md
+++ b/packages/panels/docs/04-pages.md
@@ -25,10 +25,12 @@ You can prevent pages from appearing in the menu by overriding the `canAccess()`
 ```php
 public static function canAccess(): bool
 {
-    return auth()->user()->canManageSettings();
+    return auth()->check() && auth()->user()->canManageSettings();
 }
 ```
 
+> The canAccess method is called whether or not there is a currently authenticated user. If you are checking user permissions in this method you should always make sure to check if there is also a currently authenticated user. I.e `auth()->check() && auth()->user()->can('viewAny', Blog::class)`
+
 ## Adding actions to pages
 
 Actions are buttons that can perform tasks on the page, or visit a URL. You can read more about their capabilities [here](../actions).

From d2c2eb492fb5579697e4f4d1b9489674ef8f8a34 Mon Sep 17 00:00:00 2001
From: Dan Harrin <git@danharrin.com>
Date: Thu, 24 Oct 2024 11:41:54 +0100
Subject: [PATCH 3/3] Do not check tenants and navigation when generating URLs

---
 packages/panels/src/Http/Responses/Auth/LogoutResponse.php | 4 +---
 packages/panels/src/Panel/Concerns/HasRoutes.php           | 6 +++---
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/packages/panels/src/Http/Responses/Auth/LogoutResponse.php b/packages/panels/src/Http/Responses/Auth/LogoutResponse.php
index 379199da9bb..39e51092a90 100644
--- a/packages/panels/src/Http/Responses/Auth/LogoutResponse.php
+++ b/packages/panels/src/Http/Responses/Auth/LogoutResponse.php
@@ -10,8 +10,6 @@ class LogoutResponse implements Responsable
 {
     public function toResponse($request): RedirectResponse
     {
-        return redirect()->to(
-            Filament::hasLogin() ? Filament::getLoginUrl() : Filament::getUrl(),
-        );
+        return redirect(Filament::getUrl());
     }
 }
diff --git a/packages/panels/src/Panel/Concerns/HasRoutes.php b/packages/panels/src/Panel/Concerns/HasRoutes.php
index 4bc973bbb5d..0051981c625 100644
--- a/packages/panels/src/Panel/Concerns/HasRoutes.php
+++ b/packages/panels/src/Panel/Concerns/HasRoutes.php
@@ -167,13 +167,13 @@ public function getPath(): string
 
     public function getUrl(?Model $tenant = null): ?string
     {
-        if ((! $this->auth()->check()) && $this->hasLogin()) {
-            return $this->getLoginUrl();
+        if (! $this->auth()->hasUser()) {
+            return $this->hasLogin() ? $this->getLoginUrl() : url($this->getPath());
         }
 
         $hasTenancy = $this->hasTenancy();
 
-        if ((! $tenant) && $hasTenancy && $this->auth()->hasUser()) {
+        if ((! $tenant) && $hasTenancy) {
             $tenant = Filament::getUserDefaultTenant($this->auth()->user());
         }