mirror of
https://github.com/archtechx/tenancy.git
synced 2026-06-21 16:34:03 +00:00
Merge 0d177c7e9b into 652bc987ce
This commit is contained in:
lukinovec
GitHub
commit
02e5d7cd7c
16 changed files with 697 additions and 61 deletions
|
|
@ -5,14 +5,42 @@ declare(strict_types=1);
|
|||
namespace Stancl\Tenancy\Bootstrappers;
|
||||
|
||||
use Exception;
|
||||
use Illuminate\Support\Facades\Schema;
|
||||
use RuntimeException;
|
||||
use Stancl\Tenancy\Contracts\TenancyBootstrapper;
|
||||
use Stancl\Tenancy\Contracts\Tenant;
|
||||
use Stancl\Tenancy\Database\Contracts\TenantWithDatabase;
|
||||
use Stancl\Tenancy\Database\DatabaseManager;
|
||||
use Stancl\Tenancy\Database\Exceptions\TenantDatabaseDoesNotExistException;
|
||||
use Throwable;
|
||||
|
||||
class DatabaseTenancyBootstrapper implements TenancyBootstrapper
|
||||
{
|
||||
/**
|
||||
* When true, throw an exception if a tenant gets connected to
|
||||
* another tenant's database or to the central database.
|
||||
*
|
||||
* This case should never come up in well-configured apps where
|
||||
* users cannot set or edit tenant IDs or database names, so this
|
||||
* option is disabled by default.
|
||||
*
|
||||
* However, applications dealing with extremely sensitive data may
|
||||
* choose to enable this runtime check to prevent a bug or misconfiguration
|
||||
* from creating an exploit that would let an attacker access another
|
||||
* tenant's data or data from the central database.
|
||||
*
|
||||
* One way such a scenario might come up is if an application allows
|
||||
* broad tenant attribute updates on a page for updating some fields
|
||||
* on the tenant, without restricting that action to only a limited
|
||||
* set of fields that are safe to edit. An attacker might be able to add
|
||||
* something like ['tenancy_db_name' => '...'] to the request which could
|
||||
* lead to this internal attribute being updated on an existing tenant.
|
||||
*
|
||||
* It's possible that enabling this setting will negate the performance
|
||||
* benefits of cached tenant lookup.
|
||||
*/
|
||||
public static bool $harden = false;
|
||||
|
||||
/** @var DatabaseManager */
|
||||
protected $database;
|
||||
|
||||
|
|
@ -41,10 +69,39 @@ class DatabaseTenancyBootstrapper implements TenancyBootstrapper
|
|||
}
|
||||
|
||||
$this->database->connectToTenant($tenant);
|
||||
|
||||
if (static::$harden) {
|
||||
try {
|
||||
$this->verifyTenantCanUseDatabase($tenant);
|
||||
} catch (Throwable $e) {
|
||||
// Revert connection back to central
|
||||
$this->revert();
|
||||
|
||||
throw $e;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public function revert(): void
|
||||
{
|
||||
$this->database->reconnectToCentral();
|
||||
}
|
||||
|
||||
protected function verifyTenantCanUseDatabase(Tenant $tenant): void
|
||||
{
|
||||
/** @var \Stancl\Tenancy\Database\Models\Tenant&TenantWithDatabase $tenant */
|
||||
$tenantDbName = $tenant->database()->getName();
|
||||
|
||||
// Check that no other tenant uses this tenant's database
|
||||
if ($tenant::where($tenant->getTenantKeyName(), '!=', $tenant->getTenantKey())
|
||||
->where($tenant::getDataColumn() . '->' . $tenant->internalPrefix() . 'db_name', $tenantDbName)
|
||||
->exists()) {
|
||||
throw new RuntimeException('Tenant cannot use a database of another tenant.');
|
||||
}
|
||||
|
||||
if (Schema::hasTable($tenant->getTable())) {
|
||||
// Throw if the current database/schema has the tenants table (i.e. it's not central)
|
||||
throw new RuntimeException('Tenant cannot use the central database.');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -28,6 +28,9 @@ trait ManagesPostgresUsers
|
|||
$username = $databaseConfig->getUsername();
|
||||
$password = $databaseConfig->getPassword();
|
||||
|
||||
$this->validateParameter($username);
|
||||
$this->validatePassword($password);
|
||||
|
||||
$createUser = ! $this->userExists($username);
|
||||
|
||||
if ($createUser) {
|
||||
|
|
@ -44,6 +47,8 @@ trait ManagesPostgresUsers
|
|||
// Tenant DB username
|
||||
$username = $databaseConfig->getUsername();
|
||||
|
||||
$this->validateParameter($username);
|
||||
|
||||
// Tenant host connection config
|
||||
$connectionName = $this->connection()->getConfig('name');
|
||||
$centralDatabase = $this->connection()->getConfig('database');
|
||||
|
|
@ -77,6 +82,6 @@ trait ManagesPostgresUsers
|
|||
|
||||
public function userExists(string $username): bool
|
||||
{
|
||||
return (bool) $this->connection()->selectOne("SELECT usename FROM pg_user WHERE usename = '{$username}'");
|
||||
return (bool) $this->connection()->select('SELECT usename FROM pg_user WHERE usename = ?', [$username]);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
96
src/Database/Concerns/ValidatesDatabaseParameters.php
Normal file
96
src/Database/Concerns/ValidatesDatabaseParameters.php
Normal file
|
|
@ -0,0 +1,96 @@
|
|||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace Stancl\Tenancy\Database\Concerns;
|
||||
|
||||
use InvalidArgumentException;
|
||||
|
||||
/**
|
||||
* Provides methods to validate database parameters (e.g. database names, usernames, passwords)
|
||||
* before using them in SQL statements (or in file paths in the case of SQLiteDatabaseManager).
|
||||
*
|
||||
* Used where parameters can be provided by users, and where parameter binding cannot be used.
|
||||
*
|
||||
* @see \Stancl\Tenancy\Database\TenantDatabaseManagers\TenantDatabaseManager
|
||||
* @see \Stancl\Tenancy\Database\TenantDatabaseManagers\SQLiteDatabaseManager
|
||||
*/
|
||||
trait ValidatesDatabaseParameters
|
||||
{
|
||||
/**
|
||||
* Characters allowed in parameters.
|
||||
*
|
||||
* Used as the default allowlist in validateParameter(), which validates non-password
|
||||
* parameters such as database names or usernames.
|
||||
*
|
||||
* Since non-password parameters don't need to use as many special characters, we use
|
||||
* a stricter allowlist here.
|
||||
*/
|
||||
public static string $allowedParameterCharacters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-';
|
||||
|
||||
/**
|
||||
* Characters allowed in database user passwords.
|
||||
*
|
||||
* The allowlist for passwords is less strict than for other parameters
|
||||
* because it's more common to use more special characters in passwords.
|
||||
*/
|
||||
public static string $allowedPasswordCharacters = ' !#$%&()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_abcdefghijklmnopqrstuvwxyz{|}~';
|
||||
|
||||
/**
|
||||
* Ensure that parameter (database name, username, etc.)
|
||||
* only contains allowed characters before being used in SQL statements
|
||||
* (or paths in the case of SQLiteDatabaseManager).
|
||||
*
|
||||
* By default, only the characters in $allowedParameterCharacters are allowed.
|
||||
*
|
||||
* @throws InvalidArgumentException
|
||||
*/
|
||||
protected function validateParameter(mixed $parameter, string|null $allowedCharacters = null): void
|
||||
{
|
||||
if (is_null($parameter)) {
|
||||
throw new InvalidArgumentException('Parameter cannot be null.');
|
||||
}
|
||||
|
||||
if (is_numeric($parameter)) {
|
||||
$parameter = (string) $parameter;
|
||||
}
|
||||
|
||||
if (! is_string($parameter)) {
|
||||
throw new InvalidArgumentException('Parameter has to be a string.');
|
||||
}
|
||||
|
||||
if ($parameter === '') {
|
||||
throw new InvalidArgumentException('Parameter cannot be an empty string.');
|
||||
}
|
||||
|
||||
$allowedCharacters ??= static::$allowedParameterCharacters;
|
||||
|
||||
foreach (str_split($parameter) as $character) {
|
||||
if (! str_contains($allowedCharacters, $character)) {
|
||||
throw new InvalidArgumentException("Forbidden character '{$character}' in parameter.");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Ensure password only contains allowed characters ($allowedPasswordCharacters)
|
||||
* before being used in SQL statements.
|
||||
*
|
||||
* Used in permission controlled managers as a shorthand for calling validateParameter()
|
||||
* with the less strict allowlist to validate database user passwords.
|
||||
*
|
||||
* @throws InvalidArgumentException
|
||||
*/
|
||||
protected function validatePassword(string|null $password): void
|
||||
{
|
||||
if (is_null($password)) {
|
||||
throw new InvalidArgumentException('Password cannot be null.');
|
||||
}
|
||||
|
||||
if ($password === '') {
|
||||
throw new InvalidArgumentException('Password cannot be an empty string.');
|
||||
}
|
||||
|
||||
$this->validateParameter($password, allowedCharacters: static::$allowedPasswordCharacters);
|
||||
}
|
||||
}
|
||||
|
|
@ -12,16 +12,22 @@ class MicrosoftSQLDatabaseManager extends TenantDatabaseManager
|
|||
{
|
||||
$database = $tenant->database()->getName();
|
||||
|
||||
$this->validateParameter($database);
|
||||
|
||||
return $this->connection()->statement("CREATE DATABASE [{$database}]");
|
||||
}
|
||||
|
||||
public function deleteDatabase(TenantWithDatabase $tenant): bool
|
||||
{
|
||||
return $this->connection()->statement("DROP DATABASE [{$tenant->database()->getName()}]");
|
||||
$database = $tenant->database()->getName();
|
||||
|
||||
$this->validateParameter($database);
|
||||
|
||||
return $this->connection()->statement("DROP DATABASE [{$database}]");
|
||||
}
|
||||
|
||||
public function databaseExists(string $name): bool
|
||||
{
|
||||
return (bool) $this->connection()->select("SELECT name FROM master.sys.databases WHERE name = '$name'");
|
||||
return (bool) $this->connection()->select('SELECT name FROM master.sys.databases WHERE name = ?', [$name]);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,16 +14,38 @@ class MySQLDatabaseManager extends TenantDatabaseManager
|
|||
$charset = $this->connection()->getConfig('charset');
|
||||
$collation = $this->connection()->getConfig('collation');
|
||||
|
||||
return $this->connection()->statement("CREATE DATABASE `{$database}` CHARACTER SET `$charset` COLLATE `$collation`");
|
||||
$this->validateParameter($database);
|
||||
|
||||
// MySQL defaults to the server's charset and collation
|
||||
// if charset and collation are not specified.
|
||||
// If charset is specified but collation is null, MySQL
|
||||
// will choose a default collation for the specified charset (and vice versa).
|
||||
$statement = "CREATE DATABASE `{$database}`";
|
||||
|
||||
if ($charset !== null) {
|
||||
$this->validateParameter($charset);
|
||||
$statement .= " CHARACTER SET `{$charset}`";
|
||||
}
|
||||
|
||||
if ($collation !== null) {
|
||||
$this->validateParameter($collation);
|
||||
$statement .= " COLLATE `{$collation}`";
|
||||
}
|
||||
|
||||
return $this->connection()->statement($statement);
|
||||
}
|
||||
|
||||
public function deleteDatabase(TenantWithDatabase $tenant): bool
|
||||
{
|
||||
return $this->connection()->statement("DROP DATABASE `{$tenant->database()->getName()}`");
|
||||
$database = $tenant->database()->getName();
|
||||
|
||||
$this->validateParameter($database);
|
||||
|
||||
return $this->connection()->statement("DROP DATABASE `{$database}`");
|
||||
}
|
||||
|
||||
public function databaseExists(string $name): bool
|
||||
{
|
||||
return (bool) $this->connection()->select("SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME = '$name'");
|
||||
return (bool) $this->connection()->select('SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME = ?', [$name]);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -24,6 +24,10 @@ class PermissionControlledMicrosoftSQLServerDatabaseManager extends MicrosoftSQL
|
|||
$username = $databaseConfig->getUsername();
|
||||
$password = $databaseConfig->getPassword();
|
||||
|
||||
$this->validateParameter($database);
|
||||
$this->validateParameter($username);
|
||||
$this->validatePassword($password);
|
||||
|
||||
// Create login
|
||||
$this->connection()->statement("CREATE LOGIN [$username] WITH PASSWORD = '$password'");
|
||||
|
||||
|
|
@ -37,12 +41,16 @@ class PermissionControlledMicrosoftSQLServerDatabaseManager extends MicrosoftSQL
|
|||
|
||||
public function deleteUser(DatabaseConfig $databaseConfig): bool
|
||||
{
|
||||
return $this->connection()->statement("DROP LOGIN [{$databaseConfig->getUsername()}]");
|
||||
$username = $databaseConfig->getUsername();
|
||||
|
||||
$this->validateParameter($username);
|
||||
|
||||
return $this->connection()->statement("DROP LOGIN [{$username}]");
|
||||
}
|
||||
|
||||
public function userExists(string $username): bool
|
||||
{
|
||||
return (bool) $this->connection()->select("SELECT sp.name as username FROM sys.server_principals sp WHERE sp.name = '{$username}'");
|
||||
return (bool) $this->connection()->select('SELECT sp.name as username FROM sys.server_principals sp WHERE sp.name = ?', [$username]);
|
||||
}
|
||||
|
||||
public function makeConnectionConfig(array $baseConfig, string $databaseName): array
|
||||
|
|
@ -54,11 +62,15 @@ class PermissionControlledMicrosoftSQLServerDatabaseManager extends MicrosoftSQL
|
|||
|
||||
public function deleteDatabase(TenantWithDatabase $tenant): bool
|
||||
{
|
||||
$name = $tenant->database()->getName();
|
||||
|
||||
$this->validateParameter($name);
|
||||
|
||||
// Close all connections to the database before deleting it
|
||||
// Set the database to SINGLE_USER mode to ensure that
|
||||
// No other connections are using the database while we're trying to delete it
|
||||
// Rollback all active transactions
|
||||
$this->connection()->statement("ALTER DATABASE [{$tenant->database()->getName()}] SET SINGLE_USER WITH ROLLBACK IMMEDIATE;");
|
||||
$this->connection()->statement("ALTER DATABASE [{$name}] SET SINGLE_USER WITH ROLLBACK IMMEDIATE;");
|
||||
|
||||
return parent::deleteDatabase($tenant);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -25,6 +25,10 @@ class PermissionControlledMySQLDatabaseManager extends MySQLDatabaseManager impl
|
|||
$username = $databaseConfig->getUsername();
|
||||
$password = $databaseConfig->getPassword();
|
||||
|
||||
$this->validateParameter($database);
|
||||
$this->validateParameter($username);
|
||||
$this->validatePassword($password);
|
||||
|
||||
$this->connection()->statement("CREATE USER `{$username}`@`%` IDENTIFIED BY '{$password}'");
|
||||
|
||||
$grants = implode(', ', static::$grants);
|
||||
|
|
@ -48,11 +52,15 @@ class PermissionControlledMySQLDatabaseManager extends MySQLDatabaseManager impl
|
|||
|
||||
public function deleteUser(DatabaseConfig $databaseConfig): bool
|
||||
{
|
||||
return $this->connection()->statement("DROP USER IF EXISTS '{$databaseConfig->getUsername()}'");
|
||||
$username = $databaseConfig->getUsername();
|
||||
|
||||
$this->validateParameter($username);
|
||||
|
||||
return $this->connection()->statement("DROP USER IF EXISTS '{$username}'");
|
||||
}
|
||||
|
||||
public function userExists(string $username): bool
|
||||
{
|
||||
return (bool) $this->connection()->select("SELECT count(*) FROM mysql.user WHERE user = '$username'")[0]->{'count(*)'};
|
||||
return (bool) $this->connection()->select('SELECT count(*) FROM mysql.user WHERE user = ?', [$username])[0]->{'count(*)'};
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -20,6 +20,10 @@ class PermissionControlledPostgreSQLDatabaseManager extends PostgreSQLDatabaseMa
|
|||
$username = $databaseConfig->getUsername();
|
||||
$schema = $databaseConfig->connection()['search_path'];
|
||||
|
||||
$this->validateParameter($database);
|
||||
$this->validateParameter($username);
|
||||
$this->validateParameter($schema);
|
||||
|
||||
// Host config
|
||||
$connectionName = $this->connection()->getConfig('name');
|
||||
$centralDatabase = $this->connection()->getConfig('database');
|
||||
|
|
@ -32,10 +36,10 @@ class PermissionControlledPostgreSQLDatabaseManager extends PostgreSQLDatabaseMa
|
|||
$this->connection()->reconnect();
|
||||
|
||||
// Grant permissions to create and use tables in the configured schema ("public" by default) to the user
|
||||
$this->connection()->statement("GRANT USAGE, CREATE ON SCHEMA {$schema} TO \"{$username}\"");
|
||||
$this->connection()->statement("GRANT USAGE, CREATE ON SCHEMA \"{$schema}\" TO \"{$username}\"");
|
||||
|
||||
// Grant permissions to use sequences in the current schema to the user
|
||||
$this->connection()->statement("GRANT USAGE ON ALL SEQUENCES IN SCHEMA {$schema} TO \"{$username}\"");
|
||||
$this->connection()->statement("GRANT USAGE ON ALL SEQUENCES IN SCHEMA \"{$schema}\" TO \"{$username}\"");
|
||||
|
||||
// Reconnect to central database
|
||||
config(["database.connections.{$connectionName}.database" => $centralDatabase]);
|
||||
|
|
|
|||
|
|
@ -23,23 +23,27 @@ class PermissionControlledPostgreSQLSchemaManager extends PostgreSQLSchemaManage
|
|||
// Central database name
|
||||
$database = DB::connection(config('tenancy.database.central_connection'))->getDatabaseName();
|
||||
|
||||
$this->connection()->statement("GRANT CONNECT ON DATABASE {$database} TO \"{$username}\"");
|
||||
$this->validateParameter($username);
|
||||
$this->validateParameter($schema);
|
||||
$this->validateParameter($database);
|
||||
|
||||
$this->connection()->statement("GRANT CONNECT ON DATABASE \"{$database}\" TO \"{$username}\"");
|
||||
$this->connection()->statement("GRANT USAGE, CREATE ON SCHEMA \"{$schema}\" TO \"{$username}\"");
|
||||
$this->connection()->statement("GRANT USAGE ON ALL SEQUENCES IN SCHEMA \"{$schema}\" TO \"{$username}\"");
|
||||
|
||||
$tables = $this->connection()->select("SELECT table_name FROM information_schema.tables WHERE table_schema = '{$schema}' AND table_type = 'BASE TABLE'");
|
||||
$tables = $this->connection()->select("SELECT table_name FROM information_schema.tables WHERE table_schema = ? AND table_type = 'BASE TABLE'", [$schema]);
|
||||
|
||||
// Grant permissions to any existing tables. This is used with RLS
|
||||
foreach ($tables as $table) {
|
||||
$tableName = $table->table_name;
|
||||
|
||||
/** @var string $primaryKey */
|
||||
$primaryKey = $this->connection()->selectOne(<<<SQL
|
||||
$primaryKey = $this->connection()->selectOne(<<<'SQL'
|
||||
SELECT column_name
|
||||
FROM information_schema.key_column_usage
|
||||
WHERE table_name = '{$tableName}'
|
||||
WHERE table_name = ?
|
||||
AND constraint_name LIKE '%_pkey'
|
||||
SQL)->column_name;
|
||||
SQL, [$tableName])->column_name;
|
||||
|
||||
// Grant all permissions for all existing tables
|
||||
$this->connection()->statement("GRANT ALL ON \"{$schema}\".\"{$tableName}\" TO \"{$username}\"");
|
||||
|
|
|
|||
|
|
@ -10,16 +10,24 @@ class PostgreSQLDatabaseManager extends TenantDatabaseManager
|
|||
{
|
||||
public function createDatabase(TenantWithDatabase $tenant): bool
|
||||
{
|
||||
return $this->connection()->statement("CREATE DATABASE \"{$tenant->database()->getName()}\" WITH TEMPLATE=template0");
|
||||
$name = $tenant->database()->getName();
|
||||
|
||||
$this->validateParameter($name);
|
||||
|
||||
return $this->connection()->statement("CREATE DATABASE \"{$name}\" WITH TEMPLATE=template0");
|
||||
}
|
||||
|
||||
public function deleteDatabase(TenantWithDatabase $tenant): bool
|
||||
{
|
||||
return $this->connection()->statement("DROP DATABASE \"{$tenant->database()->getName()}\"");
|
||||
$name = $tenant->database()->getName();
|
||||
|
||||
$this->validateParameter($name);
|
||||
|
||||
return $this->connection()->statement("DROP DATABASE \"{$name}\"");
|
||||
}
|
||||
|
||||
public function databaseExists(string $name): bool
|
||||
{
|
||||
return (bool) $this->connection()->selectOne("SELECT datname FROM pg_database WHERE datname = '$name'");
|
||||
return (bool) $this->connection()->select('SELECT datname FROM pg_database WHERE datname = ?', [$name]);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,17 +10,25 @@ class PostgreSQLSchemaManager extends TenantDatabaseManager
|
|||
{
|
||||
public function createDatabase(TenantWithDatabase $tenant): bool
|
||||
{
|
||||
return $this->connection()->statement("CREATE SCHEMA \"{$tenant->database()->getName()}\"");
|
||||
$name = $tenant->database()->getName();
|
||||
|
||||
$this->validateParameter($name);
|
||||
|
||||
return $this->connection()->statement("CREATE SCHEMA \"{$name}\"");
|
||||
}
|
||||
|
||||
public function deleteDatabase(TenantWithDatabase $tenant): bool
|
||||
{
|
||||
return $this->connection()->statement("DROP SCHEMA \"{$tenant->database()->getName()}\" CASCADE");
|
||||
$name = $tenant->database()->getName();
|
||||
|
||||
$this->validateParameter($name);
|
||||
|
||||
return $this->connection()->statement("DROP SCHEMA \"{$name}\" CASCADE");
|
||||
}
|
||||
|
||||
public function databaseExists(string $name): bool
|
||||
{
|
||||
return (bool) $this->connection()->select("SELECT schema_name FROM information_schema.schemata WHERE schema_name = '$name'");
|
||||
return (bool) $this->connection()->select('SELECT schema_name FROM information_schema.schemata WHERE schema_name = ?', [$name]);
|
||||
}
|
||||
|
||||
public function makeConnectionConfig(array $baseConfig, string $databaseName): array
|
||||
|
|
|
|||
|
|
@ -6,13 +6,17 @@ namespace Stancl\Tenancy\Database\TenantDatabaseManagers;
|
|||
|
||||
use Closure;
|
||||
use Illuminate\Database\Eloquent\Model;
|
||||
use InvalidArgumentException;
|
||||
use PDO;
|
||||
use Stancl\Tenancy\Database\Concerns\ValidatesDatabaseParameters;
|
||||
use Stancl\Tenancy\Database\Contracts\TenantDatabaseManager;
|
||||
use Stancl\Tenancy\Database\Contracts\TenantWithDatabase;
|
||||
use Throwable;
|
||||
|
||||
class SQLiteDatabaseManager implements TenantDatabaseManager
|
||||
{
|
||||
use ValidatesDatabaseParameters;
|
||||
|
||||
/**
|
||||
* SQLite database directory path.
|
||||
*
|
||||
|
|
@ -57,6 +61,13 @@ class SQLiteDatabaseManager implements TenantDatabaseManager
|
|||
*/
|
||||
public static Closure|null $closeInMemoryConnectionUsing = null;
|
||||
|
||||
/**
|
||||
* Characters allowed in database names.
|
||||
*
|
||||
* Includes dots to support file extensions (e.g. '.sqlite').
|
||||
*/
|
||||
public static string $allowedDatabaseNameCharacters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-.';
|
||||
|
||||
public function createDatabase(TenantWithDatabase $tenant): bool
|
||||
{
|
||||
/** @var TenantWithDatabase&Model $tenant */
|
||||
|
|
@ -122,6 +133,9 @@ class SQLiteDatabaseManager implements TenantDatabaseManager
|
|||
public function makeConnectionConfig(array $baseConfig, string $databaseName): array
|
||||
{
|
||||
if ($this->isInMemory($databaseName)) {
|
||||
// Named in-memory DBs are formatted like 'file:_tenancy_inmemory_tenant123?mode=memory&cache=shared'
|
||||
$this->validateDatabaseName($databaseName, extraAllowedCharacters: ':?=&');
|
||||
|
||||
$baseConfig['database'] = $databaseName;
|
||||
|
||||
if (static::$persistInMemoryConnectionUsing !== null) {
|
||||
|
|
@ -129,7 +143,7 @@ class SQLiteDatabaseManager implements TenantDatabaseManager
|
|||
(static::$persistInMemoryConnectionUsing)(new PDO($dsn), $dsn);
|
||||
}
|
||||
} else {
|
||||
$baseConfig['database'] = database_path($databaseName);
|
||||
$baseConfig['database'] = $this->getPath($databaseName);
|
||||
}
|
||||
|
||||
return $baseConfig;
|
||||
|
|
@ -137,6 +151,8 @@ class SQLiteDatabaseManager implements TenantDatabaseManager
|
|||
|
||||
public function getPath(string $name): string
|
||||
{
|
||||
$this->validateDatabaseName($name);
|
||||
|
||||
if (static::$path) {
|
||||
return rtrim(static::$path, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR . $name;
|
||||
}
|
||||
|
|
@ -146,6 +162,28 @@ class SQLiteDatabaseManager implements TenantDatabaseManager
|
|||
|
||||
public static function isInMemory(string $name): bool
|
||||
{
|
||||
return $name === ':memory:' || str_contains($name, '_tenancy_inmemory_');
|
||||
$isNamed = str_starts_with($name, 'file:_tenancy_inmemory_') &&
|
||||
str_ends_with($name, '?mode=memory&cache=shared');
|
||||
|
||||
return $name === ':memory:' || $isNamed;
|
||||
}
|
||||
|
||||
/**
|
||||
* Ensure database name only contains allowed characters
|
||||
* (allowedDatabaseNameCharacters() + $extraAllowedCharacters) and is not a directory name.
|
||||
*
|
||||
* @throws InvalidArgumentException
|
||||
*/
|
||||
protected function validateDatabaseName(string $name, string $extraAllowedCharacters = ''): void
|
||||
{
|
||||
$this->validateParameter($name, static::$allowedDatabaseNameCharacters . $extraAllowedCharacters);
|
||||
|
||||
if ($name === '') {
|
||||
throw new InvalidArgumentException('Database name cannot be empty.');
|
||||
}
|
||||
|
||||
if (is_dir($name)) {
|
||||
throw new InvalidArgumentException('Database name cannot be a directory.');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,11 +6,14 @@ namespace Stancl\Tenancy\Database\TenantDatabaseManagers;
|
|||
|
||||
use Illuminate\Database\Connection;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Stancl\Tenancy\Database\Concerns\ValidatesDatabaseParameters;
|
||||
use Stancl\Tenancy\Database\Contracts\StatefulTenantDatabaseManager;
|
||||
use Stancl\Tenancy\Database\Exceptions\NoConnectionSetException;
|
||||
|
||||
abstract class TenantDatabaseManager implements StatefulTenantDatabaseManager
|
||||
{
|
||||
use ValidatesDatabaseParameters;
|
||||
|
||||
/** The database connection to the server. */
|
||||
protected string $connection;
|
||||
|
||||
|
|
|
|||
|
|
@ -1,35 +0,0 @@
|
|||
<?php
|
||||
|
||||
use Illuminate\Support\Facades\Event;
|
||||
use Stancl\Tenancy\Bootstrappers\DatabaseTenancyBootstrapper;
|
||||
use Stancl\Tenancy\Events\TenancyEnded;
|
||||
use Stancl\Tenancy\Events\TenancyInitialized;
|
||||
use Stancl\Tenancy\Listeners\BootstrapTenancy;
|
||||
use Stancl\Tenancy\Listeners\RevertToCentralContext;
|
||||
use Stancl\Tenancy\Tests\Etc\Tenant;
|
||||
|
||||
use function Stancl\Tenancy\Tests\pest;
|
||||
|
||||
beforeEach(function () {
|
||||
Event::listen(TenancyInitialized::class, BootstrapTenancy::class);
|
||||
Event::listen(TenancyEnded::class, RevertToCentralContext::class);
|
||||
});
|
||||
|
||||
test('database tenancy bootstrapper throws an exception if DATABASE_URL is set', function (string|null $databaseUrl) {
|
||||
if ($databaseUrl) {
|
||||
config(['database.connections.central.url' => $databaseUrl]);
|
||||
|
||||
pest()->expectException(Exception::class);
|
||||
}
|
||||
|
||||
config(['tenancy.bootstrappers' => [DatabaseTenancyBootstrapper::class]]);
|
||||
|
||||
$tenant1 = Tenant::create();
|
||||
|
||||
pest()->artisan('tenants:migrate');
|
||||
|
||||
tenancy()->initialize($tenant1);
|
||||
|
||||
expect(true)->toBe(true);
|
||||
})->with(['abc.us-east-1.rds.amazonaws.com', null]);
|
||||
|
||||
164
tests/Bootstrappers/DatabaseTenancyBootstrapperTest.php
Normal file
164
tests/Bootstrappers/DatabaseTenancyBootstrapperTest.php
Normal file
|
|
@ -0,0 +1,164 @@
|
|||
<?php
|
||||
|
||||
use Illuminate\Support\Facades\Event;
|
||||
use Stancl\JobPipeline\JobPipeline;
|
||||
use Stancl\Tenancy\Bootstrappers\DatabaseTenancyBootstrapper;
|
||||
use Stancl\Tenancy\Events\TenancyEnded;
|
||||
use Stancl\Tenancy\Events\TenancyInitialized;
|
||||
use Stancl\Tenancy\Jobs\CreateDatabase;
|
||||
use Stancl\Tenancy\Events\TenantCreated;
|
||||
use Stancl\Tenancy\Listeners\BootstrapTenancy;
|
||||
use Stancl\Tenancy\Listeners\RevertToCentralContext;
|
||||
use Stancl\Tenancy\Tests\Etc\Tenant;
|
||||
use Illuminate\Support\Str;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use Illuminate\Database\QueryException;
|
||||
use Stancl\Tenancy\Database\TenantDatabaseManagers\MySQLDatabaseManager;
|
||||
use Stancl\Tenancy\Database\TenantDatabaseManagers\SQLiteDatabaseManager;
|
||||
use Stancl\Tenancy\Database\TenantDatabaseManagers\PostgreSQLDatabaseManager;
|
||||
use Stancl\Tenancy\Database\TenantDatabaseManagers\PostgreSQLSchemaManager;
|
||||
|
||||
use function Stancl\Tenancy\Tests\pest;
|
||||
|
||||
$cleanup = function () {
|
||||
DatabaseTenancyBootstrapper::$harden = false;
|
||||
};
|
||||
|
||||
beforeEach(function () use ($cleanup) {
|
||||
Event::listen(TenancyInitialized::class, BootstrapTenancy::class);
|
||||
Event::listen(TenancyEnded::class, RevertToCentralContext::class);
|
||||
|
||||
$cleanup();
|
||||
});
|
||||
|
||||
afterEach($cleanup);
|
||||
|
||||
test('harden prevents tenants from using the central database', function (bool $harden, string $connection, string $manager) {
|
||||
config([
|
||||
'tenancy.bootstrappers' => [DatabaseTenancyBootstrapper::class],
|
||||
"tenancy.database.managers.{$connection}" => $manager,
|
||||
]);
|
||||
|
||||
// Point the central connection at the tested connection's config and migrate it
|
||||
// (so that the central database/schema contains the tenants table).
|
||||
$centralConnection = config('tenancy.database.central_connection');
|
||||
$centralConfig = config("database.connections.{$connection}");
|
||||
|
||||
if ($connection === 'sqlite') {
|
||||
$centralConfig['database'] = database_path($sqliteCentralDb = 'central.sqlite');
|
||||
}
|
||||
|
||||
DB::purge($centralConnection);
|
||||
config(["database.connections.{$centralConnection}" => $centralConfig]);
|
||||
|
||||
pest()->artisan('migrate:fresh', [
|
||||
'--force' => true,
|
||||
'--path' => __DIR__ . '/../../assets/migrations',
|
||||
'--realpath' => true,
|
||||
]);
|
||||
|
||||
DatabaseTenancyBootstrapper::$harden = $harden;
|
||||
|
||||
Event::listen(TenantCreated::class, JobPipeline::make([CreateDatabase::class])->send(function (TenantCreated $event) {
|
||||
return $event->tenant;
|
||||
})->toListener());
|
||||
|
||||
// Create the tenant with its own database, then repoint it at the central database/schema
|
||||
// (which contains the tenants table that the hardening check looks for).
|
||||
$tenant = Tenant::create(['tenancy_db_connection' => $connection]);
|
||||
|
||||
$central = DB::connection($centralConnection);
|
||||
$centralName = match (true) {
|
||||
$manager === PostgreSQLSchemaManager::class => $central->selectOne('SELECT current_schema() AS schema')->schema, // Central schema name
|
||||
$connection === 'sqlite' => $sqliteCentralDb, // Central SQLite DB name
|
||||
default => $central->getDatabaseName(), // Central DB name
|
||||
};
|
||||
|
||||
$tenant->update(['tenancy_db_name' => $centralName]);
|
||||
|
||||
if ($harden) {
|
||||
// Harden blocks initialization for tenants that use the central database
|
||||
expect(fn () => tenancy()->initialize($tenant))->toThrow(RuntimeException::class);
|
||||
|
||||
// Connection should be reverted back to central
|
||||
expect(DB::connection()->getName())->toBe($centralConnection);
|
||||
} else {
|
||||
expect(fn () => tenancy()->initialize($tenant))->not()->toThrow(Throwable::class);
|
||||
|
||||
// Connection not reverted to central
|
||||
expect(DB::connection()->getName())->toBe('tenant');
|
||||
}
|
||||
})->with([
|
||||
'hardening enabled' => true,
|
||||
'hardening disabled' => false,
|
||||
])->with('db_managers');
|
||||
|
||||
test('harden prevents tenants from using a database of another tenant', function (bool $harden, string $connection, string $manager) {
|
||||
config([
|
||||
'tenancy.bootstrappers' => [DatabaseTenancyBootstrapper::class],
|
||||
"tenancy.database.managers.{$connection}" => $manager,
|
||||
]);
|
||||
|
||||
DatabaseTenancyBootstrapper::$harden = $harden;
|
||||
|
||||
Event::listen(TenantCreated::class, JobPipeline::make([CreateDatabase::class])->send(function (TenantCreated $event) {
|
||||
return $event->tenant;
|
||||
})->toListener());
|
||||
|
||||
$tenant = Tenant::create(['tenancy_db_connection' => $connection]);
|
||||
|
||||
$dbName = Str::random(8) . ($connection === 'sqlite' ? '.sqlite' : '');
|
||||
|
||||
Tenant::create(['tenancy_db_name' => $dbName, 'tenancy_db_connection' => $connection]);
|
||||
|
||||
$tenant->update(['tenancy_db_name' => $dbName]);
|
||||
|
||||
if ($harden) {
|
||||
// Harden blocks initialization for tenants that use a database of another tenant
|
||||
expect(fn () => tenancy()->initialize($tenant))->toThrow(RuntimeException::class);
|
||||
|
||||
// Connection should be reverted back to central
|
||||
expect(DB::connection()->getName())->toBe('central');
|
||||
} else {
|
||||
expect(fn() => tenancy()->initialize($tenant))->not()->toThrow(Throwable::class);
|
||||
|
||||
// Connection not reverted to central
|
||||
expect(DB::connection()->getName())->toBe('tenant');
|
||||
}
|
||||
})->with([
|
||||
'hardening enabled' => true,
|
||||
'hardening disabled' => false,
|
||||
])->with('db_managers');
|
||||
|
||||
test('database tenancy bootstrapper throws an exception if DATABASE_URL is set', function (string|null $databaseUrl) {
|
||||
config(['database.connections.central.url' => $databaseUrl]);
|
||||
|
||||
config(['tenancy.bootstrappers' => [DatabaseTenancyBootstrapper::class]]);
|
||||
|
||||
Event::listen(TenantCreated::class, JobPipeline::make([CreateDatabase::class])->send(function (TenantCreated $event) {
|
||||
return $event->tenant;
|
||||
})->toListener());
|
||||
|
||||
if ($databaseUrl) {
|
||||
expect(fn() => Tenant::create())->toThrow(QueryException::class);
|
||||
} else {
|
||||
expect(function() {
|
||||
$tenant1 = Tenant::create();
|
||||
|
||||
pest()->artisan('tenants:migrate');
|
||||
|
||||
tenancy()->initialize($tenant1);
|
||||
})->not()->toThrow(Throwable::class);
|
||||
}
|
||||
})->with(['abc.us-east-1.rds.amazonaws.com', null]);
|
||||
|
||||
// Database managers to test with hardening.
|
||||
// Permission controlled managers omitted as they inherit the non-perm controlled managers (= they share the same code paths),
|
||||
// each important code path is covered by testing the non-permission controlled manager, so adding permission controlled managers
|
||||
// would add unnecessary complexity to the tests.
|
||||
dataset('db_managers', [
|
||||
'mysql' => ['mysql', MySQLDatabaseManager::class],
|
||||
'pgsql (database)' => ['pgsql', PostgreSQLDatabaseManager::class],
|
||||
'pgsql (schema)' => ['pgsql', PostgreSQLSchemaManager::class],
|
||||
'sqlite' => ['sqlite', SQLiteDatabaseManager::class],
|
||||
]);
|
||||
|
|
@ -17,6 +17,7 @@ use Stancl\Tenancy\Events\TenancyInitialized;
|
|||
use Stancl\Tenancy\Listeners\BootstrapTenancy;
|
||||
use Stancl\Tenancy\Listeners\RevertToCentralContext;
|
||||
use Stancl\Tenancy\Bootstrappers\DatabaseTenancyBootstrapper;
|
||||
use Stancl\Tenancy\Database\Contracts\ManagesDatabaseUsers;
|
||||
use Stancl\Tenancy\Database\Contracts\StatefulTenantDatabaseManager;
|
||||
use Stancl\Tenancy\Database\TenantDatabaseManagers\MySQLDatabaseManager;
|
||||
use Stancl\Tenancy\Database\TenantDatabaseManagers\SQLiteDatabaseManager;
|
||||
|
|
@ -36,6 +37,10 @@ beforeEach(function () {
|
|||
SQLiteDatabaseManager::$path = null;
|
||||
});
|
||||
|
||||
afterEach(function () {
|
||||
SQLiteDatabaseManager::$path = null;
|
||||
});
|
||||
|
||||
test('databases can be created and deleted', function ($driver, $databaseManager) {
|
||||
Event::listen(TenantCreated::class, JobPipeline::make([CreateDatabase::class])->send(function (TenantCreated $event) {
|
||||
return $event->tenant;
|
||||
|
|
@ -539,6 +544,237 @@ test('partial tenant connection templates get merged into the central connection
|
|||
expect($manager->connection()->getConfig('url'))->toBeNull();
|
||||
});
|
||||
|
||||
test('database managers validate parameters used in raw sql statements', function ($driver, $databaseManager) {
|
||||
config()->set([
|
||||
"tenancy.database.template_tenant_connection" => $driver,
|
||||
]);
|
||||
|
||||
$manager = app($databaseManager);
|
||||
|
||||
if ($manager instanceof StatefulTenantDatabaseManager) {
|
||||
$manager->setConnection($driver);
|
||||
}
|
||||
|
||||
$invalidDatabaseName = "\"database_with_quotes\"";
|
||||
|
||||
if (! ($manager instanceof ManagesDatabaseUsers)) {
|
||||
// Only test createDatabase() and deleteDatabase() with non-permission controlled managers here
|
||||
// since permission controlled managers override these methods to e.g. delete users before
|
||||
// calling parent::deleteDatabase(), and with invalid DB name, the user deletion will already
|
||||
// fail before we even get to actual deleteDatabase() logic.
|
||||
$tenant = Tenant::make([
|
||||
'tenancy_db_name' => $invalidDatabaseName,
|
||||
]);
|
||||
|
||||
expect(fn () => $manager->createDatabase($tenant))
|
||||
->toThrow(InvalidArgumentException::class, 'Forbidden character');
|
||||
|
||||
expect(fn () => $manager->deleteDatabase($tenant))
|
||||
->toThrow(InvalidArgumentException::class, 'Forbidden character');
|
||||
} else {
|
||||
// Invalid username, createUser() and deleteUser() should
|
||||
// throw an invalid argument exception.
|
||||
$tenantWithInvalidUsername = Tenant::make([
|
||||
'tenancy_db_name' => 'valid_database_name890',
|
||||
'tenancy_db_username' => "username with spaces",
|
||||
]);
|
||||
|
||||
expect(fn () => $manager->createUser($tenantWithInvalidUsername->database()))
|
||||
->toThrow(InvalidArgumentException::class, 'Forbidden character');
|
||||
|
||||
expect(fn () => $manager->deleteUser($tenantWithInvalidUsername->database()))
|
||||
->toThrow(InvalidArgumentException::class, 'Forbidden character');
|
||||
|
||||
// Invalid database name, createUser() should throw
|
||||
// an invalid argument exception. deleteUser() doesn't
|
||||
// validate the DB name (it only validates the username).
|
||||
$tenantWithInvalidDatabase = Tenant::make([
|
||||
'tenancy_db_name' => $invalidDatabaseName,
|
||||
'tenancy_db_username' => 'valid_USERNAME',
|
||||
'tenancy_db_password' => 'valid_password',
|
||||
]);
|
||||
|
||||
expect(fn () => $manager->createUser($tenantWithInvalidDatabase->database()))
|
||||
->toThrow(InvalidArgumentException::class, 'Forbidden character');
|
||||
|
||||
$tenantWithInvalidPassword = Tenant::make([
|
||||
'tenancy_db_name' => 'valid_database_name890',
|
||||
'tenancy_db_username' => 'valid_USERNAME',
|
||||
'tenancy_db_password' => "p'ssword",
|
||||
]);
|
||||
|
||||
expect(fn () => $manager->createUser($tenantWithInvalidPassword->database()))
|
||||
->toThrow(InvalidArgumentException::class, 'Forbidden character');
|
||||
|
||||
// Special characters are allowed in passwords
|
||||
$tenantWithValidPassword = Tenant::make([
|
||||
'tenancy_db_name' => 'valid_database_name890' . Str::random(8),
|
||||
'tenancy_db_username' => 'valid_USERNAME' . Str::random(8),
|
||||
'tenancy_db_password' => "]pa$$ ;word",
|
||||
]);
|
||||
|
||||
expect(fn () => $manager->createUser($tenantWithValidPassword->database()))
|
||||
->not()->toThrow(InvalidArgumentException::class, 'Forbidden character');
|
||||
|
||||
$tenantWithNullCredentials = Tenant::make([
|
||||
'tenancy_db_name' => 'valid_db_name',
|
||||
'tenancy_db_username' => null,
|
||||
'tenancy_db_password' => null,
|
||||
]);
|
||||
|
||||
expect(fn () => $manager->createUser($tenantWithNullCredentials->database()))
|
||||
->toThrow(InvalidArgumentException::class, 'Parameter cannot be null.');
|
||||
}
|
||||
})->with('database_managers');
|
||||
|
||||
test('mysql database manager validates charset and collation correctly', function (string $param) {
|
||||
$manager = app(MySQLDatabaseManager::class);
|
||||
$manager->setConnection('mysql');
|
||||
|
||||
// using a non-string value (empty array) which is invalid
|
||||
config(["database.connections.mysql.$param" => []]);
|
||||
DB::purge('mysql');
|
||||
|
||||
$tenant = Tenant::make([
|
||||
'tenancy_db_name' => 'valid_db_name',
|
||||
]);
|
||||
|
||||
expect(fn () => $manager->createDatabase($tenant))
|
||||
->toThrow(InvalidArgumentException::class, 'Parameter has to be a string.');
|
||||
})->with(['charset', 'collation']);
|
||||
|
||||
test('sqlite database manager validates database names correctly', function () {
|
||||
$manager = app(SQLiteDatabaseManager::class);
|
||||
|
||||
// Dots are allowed in database names
|
||||
expect(fn () => $manager->databaseExists('valid-db_name.sqlite'))
|
||||
->not()->toThrow(InvalidArgumentException::class);
|
||||
|
||||
// Directory names are considered invalid input for database names
|
||||
expect(fn () => $manager->databaseExists('..'))
|
||||
->toThrow(InvalidArgumentException::class);
|
||||
|
||||
// Empty strings are considered invalid input for database names
|
||||
expect(fn () => $manager->databaseExists(''))
|
||||
->toThrow(InvalidArgumentException::class);
|
||||
});
|
||||
|
||||
test('sqlite database manager recognizes inmemory databases correctly', function () {
|
||||
$manager = app(SQLiteDatabaseManager::class);
|
||||
|
||||
expect($manager->isInMemory('file:_tenancy_inmemory_123?mode=memory&cache=shared'))->toBeTrue();
|
||||
expect($manager->isInMemory(':memory:'))->toBeTrue();
|
||||
|
||||
// Missing the '?mode=memory&cache=shared' suffix
|
||||
expect($manager->isInMemory('file:_tenancy_inmemory_456'))->toBeFalse();
|
||||
|
||||
// Doesn't start with 'file:_tenancy_inmemory_'
|
||||
expect($manager->isInMemory('_tenancy_inmemory_123?mode=memory&cache=shared'))->toBeFalse();
|
||||
|
||||
// In-memory DB name is validated correctly in makeConnectionConfig()
|
||||
expect(fn () => $manager->makeConnectionConfig([], 'file:_tenancy_inmemory_12"3?mode=memory&cache=shared'))
|
||||
->toThrow(InvalidArgumentException::class, 'Forbidden character');
|
||||
|
||||
expect(fn () => $manager->makeConnectionConfig([], 'file:_tenancy_inmemory_123?mode=memory&cache=shared'))
|
||||
->not()->toThrow(InvalidArgumentException::class);
|
||||
|
||||
expect(fn () => $manager->makeConnectionConfig([], ':memory:'))
|
||||
->not()->toThrow(InvalidArgumentException::class);
|
||||
});
|
||||
|
||||
test('sqlite database manager respects the configured path while making the database config', function () {
|
||||
config()->set([
|
||||
'tenancy.database.template_tenant_connection' => 'sqlite',
|
||||
]);
|
||||
|
||||
$tenant = Tenant::make([
|
||||
'tenancy_db_name' => 'tenant.sqlite',
|
||||
]);
|
||||
|
||||
// SQLiteDatabaseManager::$path is null, the database path is built using database_path()
|
||||
expect($tenant->database()->connection()['database'])->toBe(database_path('tenant.sqlite'));
|
||||
|
||||
SQLiteDatabaseManager::$path = '/custom/path/';
|
||||
|
||||
expect($tenant->database()->connection()['database'])->toBe('/custom/path/tenant.sqlite');
|
||||
});
|
||||
|
||||
test('newly created tenant databases use the correct charset and collation with mysql', function () {
|
||||
config([
|
||||
'tenancy.bootstrappers' => [DatabaseTenancyBootstrapper::class],
|
||||
'database.connections.mysql.charset' => 'utf8mb4',
|
||||
'database.connections.mysql.collation' => 'utf8mb4_unicode_ci',
|
||||
]);
|
||||
|
||||
Event::listen(TenantCreated::class, JobPipeline::make([CreateDatabase::class])->send(function (TenantCreated $event) {
|
||||
return $event->tenant;
|
||||
})->toListener());
|
||||
|
||||
withBootstrapping();
|
||||
|
||||
$serverDefaultCharset = DB::selectOne('SELECT @@character_set_server AS charset')->charset;
|
||||
$serverDefaultCollation = DB::selectOne('SELECT @@collation_server AS collation')->collation;
|
||||
|
||||
$databaseCharset = fn () => DB::selectOne('SELECT DEFAULT_CHARACTER_SET_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME = DATABASE()')->DEFAULT_CHARACTER_SET_NAME;
|
||||
$databaseCollation = fn () => DB::selectOne('SELECT DEFAULT_COLLATION_NAME FROM information_schema.SCHEMATA WHERE SCHEMA_NAME = DATABASE()')->DEFAULT_COLLATION_NAME;
|
||||
|
||||
$defaultTenant = Tenant::create();
|
||||
|
||||
tenancy()->initialize($defaultTenant);
|
||||
|
||||
// No charset or collation specified,
|
||||
// defaults from the MySQL config used.
|
||||
expect($databaseCharset())->toBe('utf8mb4');
|
||||
expect($databaseCollation())->toBe('utf8mb4_unicode_ci');
|
||||
|
||||
$tenantWithCharsetAndCollation = Tenant::create([
|
||||
'tenancy_db_charset' => 'latin1',
|
||||
'tenancy_db_collation' => 'latin1_swedish_ci',
|
||||
]);
|
||||
|
||||
tenancy()->initialize($tenantWithCharsetAndCollation);
|
||||
|
||||
// Custom charset and collation from tenant config
|
||||
expect($databaseCharset())->toBe('latin1');
|
||||
expect($databaseCollation())->toBe('latin1_swedish_ci');
|
||||
|
||||
$tenantWithNullCharsetAndCollation = Tenant::create([
|
||||
'tenancy_db_charset' => null,
|
||||
'tenancy_db_collation' => null,
|
||||
]);
|
||||
|
||||
tenancy()->initialize($tenantWithNullCharsetAndCollation);
|
||||
|
||||
// Default MySQL server charset and collation
|
||||
// (e.g. charset = utf8mb4, collation = utf8mb4_0900_ai_ci)
|
||||
expect($databaseCharset())->toBe($serverDefaultCharset);
|
||||
expect($databaseCollation())->toBe($serverDefaultCollation);
|
||||
|
||||
$tenantWithCharsetAndNullCollation = Tenant::create([
|
||||
'tenancy_db_charset' => 'binary',
|
||||
'tenancy_db_collation' => null,
|
||||
]);
|
||||
|
||||
tenancy()->initialize($tenantWithCharsetAndNullCollation);
|
||||
|
||||
// Charset specified, collation is null,
|
||||
// MySQL will choose a default collation for the specified charset.
|
||||
expect($databaseCharset())->toBe('binary');
|
||||
expect($databaseCollation())->toBe('binary');
|
||||
|
||||
// Collation specified, charset is null,
|
||||
// MySQL will choose a default charset for the specified collation.
|
||||
$tenantWithCollationAndNullCharset = Tenant::create([
|
||||
'tenancy_db_charset' => null,
|
||||
'tenancy_db_collation' => 'latin1_swedish_ci',
|
||||
]);
|
||||
|
||||
tenancy()->initialize($tenantWithCollationAndNullCharset);
|
||||
|
||||
expect($databaseCharset())->toBe('latin1');
|
||||
expect($databaseCollation())->toBe('latin1_swedish_ci');
|
||||
});
|
||||
|
||||
// Datasets
|
||||
dataset('database_managers', [
|
||||
['mysql', MySQLDatabaseManager::class],
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue