TenantAtlas/app/Filament/Resources/TenantResource/Pages/CreateTenant.php

<?php

namespace App\Filament\Resources\TenantResource\Pages;

use App\Filament\Pages\Onboarding\TenantOnboardingWizard;
use App\Filament\Resources\TenantResource;
use App\Models\User;
use App\Models\Workspace;
use App\Support\Workspaces\WorkspaceContext;
use Filament\Resources\Pages\CreateRecord;

class CreateTenant extends CreateRecord
{
    protected static string $resource = TenantResource::class;

    /**
     * Prevent setting legacy tenant credentials during create.
     * Credential setup should happen via the onboarding flow.
     *
     * @param  array<string, mixed>  $data
     * @return array<string, mixed>
     */
    protected function mutateFormDataBeforeCreate(array $data): array
    {
        unset(
            $data['app_client_id'],
            $data['app_client_secret'],
            $data['app_certificate_thumbprint'],
            $data['app_notes'],
        );

        $user = auth()->user();

        if (! $user instanceof User) {
            abort(403);
        }

        /** @var WorkspaceContext $context */
        $context = app(WorkspaceContext::class);

        $workspace = $context->resolveInitialWorkspaceFor($user, request());

        if (! $workspace instanceof Workspace) {
            abort(403);
        }

        $data['workspace_id'] = (int) $workspace->getKey();

        return $data;
    }

    protected function afterCreate(): void
    {
        $user = auth()->user();

        if (! $user instanceof User) {
            return;
        }

        $user->tenants()->syncWithoutDetaching([
            $this->record->getKey() => ['role' => 'owner'],
        ]);
    }

    protected function getRedirectUrl(): string
    {
        return TenantOnboardingWizard::getUrl(tenant: $this->record);
    }
}