Merge branch 'master' into stop-impersonating

assets/TenancyServiceProvider.stub.php

@@ -53,8 +53,6 @@ class TenancyServiceProvider extends ServiceProvider
                 ])->send(function (Events\TenantCreated $event) {
                     return $event->tenant;
                 })->shouldBeQueued(false),
-
-                // Listeners\CreateTenantStorage::class,
             ],
             Events\SavingTenant::class => [],
             Events\TenantSaved::class => [],
@@ -63,12 +61,11 @@ class TenancyServiceProvider extends ServiceProvider
             Events\DeletingTenant::class => [
                 JobPipeline::make([
                     Jobs\DeleteDomains::class,
+                    // Jobs\DeleteTenantStorage::class,
                     // Jobs\RemoveStorageSymlinks::class,
                 ])->send(function (Events\DeletingTenant $event) {
                     return $event->tenant;
                 })->shouldBeQueued(false),
-
-                // Listeners\DeleteTenantStorage::class,
             ],
             Events\TenantDeleted::class => [
                 JobPipeline::make([

docker-compose.yml

@@ -80,8 +80,8 @@ services:
     mssql:
         image: mcr.microsoft.com/mssql/server:2022-latest
         environment:
-          - ACCEPT_EULA=Y
-          - SA_PASSWORD=P@ssword # must be the same as TENANCY_TEST_SQLSRV_PASSWORD
+            ACCEPT_EULA: "Y"
+            SA_PASSWORD: "P@ssword" # must be the same as TENANCY_TEST_SQLSRV_PASSWORD
         healthcheck: # https://github.com/Microsoft/mssql-docker/issues/133#issuecomment-1995615432
             test: timeout 2 bash -c 'cat < /dev/null > /dev/tcp/127.0.0.1/1433'
             interval: 10s

src/Database/Concerns/PendingScope.php

@@ -14,7 +14,7 @@ class PendingScope implements Scope
     /**
      * Apply the scope to a given Eloquent query builder.
      *
-     * @param Builder<Model> $builder
+     * @param Builder<covariant Model> $builder
      *
      * @return void
      */
@@ -58,8 +58,10 @@ class PendingScope implements Scope
     {
         $builder->macro('withoutPending', function (Builder $builder) {
             $builder->withoutGlobalScope(static::class)
-                ->whereNull($builder->getModel()->getColumnForQuery('pending_since'))
-                ->orWhereNull($builder->getModel()->getDataColumn());
+                ->where(function (Builder $query) {
+                    $query->whereNull($query->getModel()->getColumnForQuery('pending_since'))
+                        ->orWhereNull($query->getModel()->getDataColumn());
+                });
 
             return $builder;
         });

src/Database/ParentModelScope.php

@@ -12,7 +12,7 @@ use Illuminate\Database\Eloquent\Scope;
 class ParentModelScope implements Scope
 {
     /**
-     * @param Builder<Model> $builder
+     * @param Builder<covariant Model> $builder
      */
     public function apply(Builder $builder, Model $model): void
     {

src/Database/TenantScope.php

@@ -13,7 +13,7 @@ use Stancl\Tenancy\Tenancy;
 class TenantScope implements Scope
 {
     /**
-     * @param Builder<Model> $builder
+     * @param Builder<covariant Model> $builder
      */
     public function apply(Builder $builder, Model $model)
     {

src/Jobs/DeleteDatabase.php

@@ -22,12 +22,34 @@ class DeleteDatabase implements ShouldQueue
         protected TenantWithDatabase&Model $tenant,
     ) {}
 
+    /** Skip database deletion if the create_database internal attribute is false. */
+    public static bool $skipWhenCreateDatabaseIsFalse = true;
+
+    /** Ignore exceptions thrown during database deletion and continue execution. */
+    public static bool $ignoreFailures = false;
+
     public function handle(): void
     {
+        if (static::$skipWhenCreateDatabaseIsFalse && $this->tenant->getInternal('create_database') === false) {
+            // If database creation was skipped, we presume deletion should also be skipped.
+            // To avoid this skip, either unset the `create_database` attribute (or make it true), or
+            // set the $skipWhenCreateDatabaseIsFalse static property to false.
+            return;
+        }
+
         event(new DeletingDatabase($this->tenant));
 
-        $this->tenant->database()->manager()->deleteDatabase($this->tenant);
+        $deleted = false;
 
-        event(new DatabaseDeleted($this->tenant));
+        try {
+            $this->tenant->database()->manager()->deleteDatabase($this->tenant);
+            $deleted = true;
+        } catch (\Throwable $e) {
+            if (! static::$ignoreFailures) {
+                throw $e;
+            }
+        }
+
+        if ($deleted) event(new DatabaseDeleted($this->tenant));
     }
 }

src/Jobs/DeleteTenantStorage.php

@@ -0,0 +1,43 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Stancl\Tenancy\Jobs;
+
+use Illuminate\Bus\Queueable;
+use Illuminate\Contracts\Queue\ShouldQueue;
+use Illuminate\Foundation\Bus\Dispatchable;
+use Illuminate\Queue\InteractsWithQueue;
+use Illuminate\Queue\SerializesModels;
+use Illuminate\Support\Facades\File;
+use Stancl\Tenancy\Contracts\Tenant;
+
+class DeleteTenantStorage implements ShouldQueue
+{
+    use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
+
+    public function __construct(
+        public Tenant $tenant,
+    ) {}
+
+    public function handle(): void
+    {
+        if (config('tenancy.filesystem.suffix_storage_path') === false) {
+            // Skip storage deletion if path suffixing is disabled
+            return;
+        }
+
+        $centralStoragePath = tenancy()->central(fn () => storage_path());
+        $tenantStoragePath = tenancy()->run($this->tenant, fn () => storage_path());
+
+        if ($tenantStoragePath === $centralStoragePath) {
+            // Check again to ensure the tenant storage path is distinct from the central storage path
+            // to avoid any accidental central storage path deletion
+            return;
+        }
+
+        if (is_dir($tenantStoragePath)) {
+            File::deleteDirectory($tenantStoragePath);
+        }
+    }
+}

src/Listeners/CreateTenantStorage.php

@@ -7,11 +7,7 @@ namespace Stancl\Tenancy\Listeners;
 use Stancl\Tenancy\Events\Contracts\TenantEvent;
 
 /**
- * Can be used to manually create framework directories in the tenant storage when storage_path() is scoped.
- *
- * Useful when using real-time facades which use the framework/cache directory.
- *
- * Generally not needed anymore as the directory is also created by the FilesystemTenancyBootstrapper.
+ * @deprecated FilesystemTenancyBootstrapper creates the path automatically when suffix_storage_path is enabled.
  */
 class CreateTenantStorage
 {

src/Listeners/DeleteTenantStorage.php

@@ -7,14 +7,29 @@ namespace Stancl\Tenancy\Listeners;
 use Illuminate\Support\Facades\File;
 use Stancl\Tenancy\Events\Contracts\TenantEvent;
 
+/**
+ * @deprecated Use Stancl\Tenancy\Jobs\DeleteTenantStorage in a job pipeline instead.
+ */
 class DeleteTenantStorage
 {
     public function handle(TenantEvent $event): void
     {
-        $path = tenancy()->run($event->tenant, fn () => storage_path());
+        if (config('tenancy.filesystem.suffix_storage_path') === false) {
+            // Skip storage deletion if path suffixing is disabled
+            return;
+        }
 
-        if (is_dir($path)) {
-            File::deleteDirectory($path);
+        $centralStoragePath = tenancy()->central(fn () => storage_path());
+        $tenantStoragePath = tenancy()->run($event->tenant, fn () => storage_path());
+
+        if ($tenantStoragePath === $centralStoragePath) {
+            // Check again to ensure the tenant storage path is distinct from the central storage path
+            // to avoid any accidental central storage path deletion
+            return;
+        }
+
+        if (is_dir($tenantStoragePath)) {
+            File::deleteDirectory($tenantStoragePath);
         }
     }
 }

src/Middleware/PreventAccessFromUnwantedDomains.php

@@ -31,10 +31,12 @@ class PreventAccessFromUnwantedDomains
     {
         $route = tenancy()->getRoute($request);
 
-        if ($this->shouldBeSkipped($route) || tenancy()->routeIsUniversal($route)) {
+        if ($this->shouldBeSkipped($route)) {
             return $next($request);
         }
 
+        // If the route is universal, neither of these checks will pass and the logic will
+        // fall through to the $next($request) call at the end.
         if ($this->accessingTenantRouteFromCentralDomain($request, $route) || $this->accessingCentralRouteFromTenantDomain($request, $route)) {
             $abortRequest = static::$abortRequest ?? function () {
                 abort(404);

src/Resolvers/DomainTenantResolver.php

@@ -7,6 +7,7 @@ namespace Stancl\Tenancy\Resolvers;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\Relations\Relation;
+use Illuminate\Support\Arr;
 use Illuminate\Support\Str;
 use Stancl\Tenancy\Contracts\Domain;
 use Stancl\Tenancy\Contracts\SingleDomainTenant;
@@ -58,7 +59,19 @@ class DomainTenantResolver extends Contracts\CachedTenantResolver
 
     public static function isSubdomain(string $domain): bool
     {
-        return Str::endsWith($domain, config('tenancy.identification.central_domains'));
+        $centralDomains = Arr::wrap(config('tenancy.identification.central_domains'));
+
+        if (in_array($domain, $centralDomains, true)) {
+            return false;
+        }
+
+        foreach ($centralDomains as $centralDomain) {
+            if (Str::endsWith($domain, '.' . $centralDomain)) {
+                return true;
+            }
+        }
+
+        return false;
     }
 
     public function resolved(Tenant $tenant, mixed ...$args): void

tests/Bootstrappers/FilesystemTenancyBootstrapperTest.php

@@ -13,7 +13,7 @@ use Stancl\Tenancy\Events\TenancyInitialized;
 use Stancl\Tenancy\Jobs\CreateStorageSymlinks;
 use Stancl\Tenancy\Jobs\RemoveStorageSymlinks;
 use Stancl\Tenancy\Listeners\BootstrapTenancy;
-use Stancl\Tenancy\Listeners\DeleteTenantStorage;
+use Stancl\Tenancy\Jobs\DeleteTenantStorage;
 use Stancl\Tenancy\Listeners\RevertToCentralContext;
 use Stancl\Tenancy\Bootstrappers\FilesystemTenancyBootstrapper;
 use function Stancl\Tenancy\Tests\pest;
@@ -184,21 +184,63 @@ test('create and delete storage symlinks jobs work', function() {
     $this->assertDirectoryDoesNotExist(public_path("public-$tenantKey"));
 });
 
-test('tenant storage can get deleted after the tenant when DeletingTenant listens to DeleteTenantStorage', function() {
-    Event::listen(DeletingTenant::class, DeleteTenantStorage::class);
+test('tenant storage gets deleted during tenant deletion when the DeletingTenant pipeline contains DeleteTenantStorage', function() {
+    Event::listen(DeletingTenant::class,
+        JobPipeline::make([DeleteTenantStorage::class])->send(function (DeletingTenant $event) {
+            return $event->tenant;
+        })->shouldBeQueued(false)->toListener()
+    );
+
+    $centralStoragePath = storage_path();
+    tenancy()->initialize(Tenant::create());
+
+    // FilesystemTenancyBootstrapper not enabled,
+    // tenant and central storage path is the same,
+    // the storage deletion will be skipped.
+    $tenantStoragePath = storage_path();
+    expect($tenantStoragePath)->toBe($centralStoragePath);
+    expect(File::isDirectory($centralStoragePath))->toBeTrue();
+    tenant()->delete();
+
+    expect(File::isDirectory($centralStoragePath))->toBeTrue();
+
+    config([
+        'tenancy.bootstrappers' => [FilesystemTenancyBootstrapper::class],
+        'tenancy.filesystem.suffix_storage_path' => false,
+    ]);
+
+    tenancy()->initialize(Tenant::create());
+
+    $tenantStoragePath = storage_path();
+
+    // FilesystemTenancyBootstrapper enabled,
+    // but tenant and central storage path is still the same
+    // because suffix_storage_path is false.
+    // The storage deletion will be skipped.
+    expect($tenantStoragePath)->toBe($centralStoragePath);
+    expect(File::isDirectory($centralStoragePath))->toBeTrue();
+    tenant()->delete();
+
+    expect(File::isDirectory($centralStoragePath))->toBeTrue();
+
+    config([
+        'tenancy.bootstrappers' => [FilesystemTenancyBootstrapper::class],
+        'tenancy.filesystem.suffix_storage_path' => true,
+    ]);
 
     tenancy()->initialize(Tenant::create());
     $tenantStoragePath = storage_path();
 
-    Storage::fake('test');
-
+    // FilesystemTenancyBootstrapper enabled,
+    // suffix_storage_path enabled, so the two paths are distinct.
+    // Tenant storage will be deleted.
+    expect($tenantStoragePath)->not()->toBe($centralStoragePath);
     expect(File::isDirectory($tenantStoragePath))->toBeTrue();
 
-    Storage::put('test.txt', 'testing file');
-
     tenant()->delete();
 
     expect(File::isDirectory($tenantStoragePath))->toBeFalse();
+    expect(File::isDirectory($centralStoragePath))->toBeTrue();
 });
 
 test('the framework/cache directory is created when storage_path is scoped', function (bool $suffixStoragePath) {
@@ -256,4 +298,3 @@ test('scoped disks are scoped per tenant', function () {
     expect(file_get_contents(storage_path() . "/app/public/scoped_disk_prefix/foo.txt"))->toBe('central2');
     expect(file_get_contents(storage_path() . "/tenant{$tenant->id}/app/public/scoped_disk_prefix/foo.txt"))->toBe('tenant');
 });
-

tests/DatabasePreparationTest.php

@@ -2,17 +2,27 @@
 
 declare(strict_types=1);
 
+use Illuminate\Database\QueryException;
 use Illuminate\Support\Facades\Event;
 use Illuminate\Support\Facades\Schema;
 use Stancl\JobPipeline\JobPipeline;
 use Stancl\Tenancy\Events\TenantCreated;
+use Stancl\Tenancy\Events\TenantDeleted;
 use Stancl\Tenancy\Jobs\CreateDatabase;
+use Stancl\Tenancy\Jobs\DeleteDatabase;
 use Stancl\Tenancy\Jobs\MigrateDatabase;
 use Stancl\Tenancy\Jobs\SeedDatabase;
 use Stancl\Tenancy\Tests\Etc\Tenant;
 use Illuminate\Foundation\Auth\User as Authenticable;
 use Stancl\Tenancy\Tests\Etc\TestSeeder;
 
+beforeEach($cleanup = function () {
+    DeleteDatabase::$ignoreFailures = false;
+    DeleteDatabase::$skipWhenCreateDatabaseIsFalse = true;
+});
+
+afterEach($cleanup);
+
 test('database can be created after tenant creation', function () {
     config(['tenancy.database.template_tenant_connection' => 'mysql']);
 
@@ -82,6 +92,73 @@ test('custom job can be added to the pipeline', function () {
     });
 });
 
+test('database can be deleted after tenant deletion', function () {
+    Event::listen(TenantCreated::class, JobPipeline::make([CreateDatabase::class])->send(function (TenantCreated $event) {
+        return $event->tenant;
+    })->toListener());
+
+    Event::listen(TenantDeleted::class, JobPipeline::make([DeleteDatabase::class])->send(function (TenantDeleted $event) {
+        return $event->tenant;
+    })->toListener());
+
+    $tenant = Tenant::create();
+    $manager = $tenant->database()->manager();
+
+    expect($manager->databaseExists($tenant->database()->getName()))->toBeTrue();
+
+    $tenant->delete();
+
+    expect($manager->databaseExists($tenant->database()->getName()))->toBeFalse();
+});
+
+test('database deletion is skipped when create_database is false', function (bool $skipWhenCreateDatabaseIsFalse) {
+    Event::listen(TenantDeleted::class, JobPipeline::make([DeleteDatabase::class])->send(function (TenantDeleted $event) {
+        return $event->tenant;
+    })->toListener());
+
+    // create_database=false means no DB is created (e.g. tenant uses a pre-existing DB)
+    // On deletion, DeleteDatabase should skip rather than attempting DROP DATABASE on a non-existent DB
+    $tenant = Tenant::create(['tenancy_create_database' => false, 'tenancy_db_name' => 'non_existing_db']);
+
+    $manager = $tenant->database()->manager();
+    expect($manager->databaseExists($tenant->database()->getName()))->toBeFalse();
+
+    DeleteDatabase::$skipWhenCreateDatabaseIsFalse = $skipWhenCreateDatabaseIsFalse;
+
+    if ($skipWhenCreateDatabaseIsFalse) {
+        $tenant->delete(); // no exception
+    } else {
+        expect(fn () => $tenant->delete())->toThrow(QueryException::class, "database doesn't exist");
+    }
+
+    expect($manager->databaseExists($tenant->database()->getName()))->toBeFalse();
+})->with([true, false]);
+
+test('database deletion failure is ignored when ignoreFailures is true', function (bool $ignoreFailures) {
+    Event::listen(TenantCreated::class, JobPipeline::make([CreateDatabase::class])->send(function (TenantCreated $event) {
+        return $event->tenant;
+    })->toListener());
+
+    Event::listen(TenantDeleted::class, JobPipeline::make([DeleteDatabase::class])->send(function (TenantDeleted $event) {
+        return $event->tenant;
+    })->toListener());
+
+    DeleteDatabase::$ignoreFailures = $ignoreFailures;
+
+    $tenant = Tenant::create();
+    $manager = $tenant->database()->manager();
+    expect($manager->databaseExists($tenant->database()->getName()))->toBeTrue();
+
+    $manager->deleteDatabase($tenant); // manually delete so the job fails
+    expect($manager->databaseExists($tenant->database()->getName()))->toBeFalse();
+
+    if ($ignoreFailures) {
+        $tenant->delete(); // no exception
+    } else {
+        expect(fn () => $tenant->delete())->toThrow(QueryException::class, "database doesn't exist");
+    }
+})->with([true, false]);
+
 class User extends Authenticable
 {
     protected $guarded = [];

tests/EarlyIdentificationTest.php

@@ -300,7 +300,7 @@ test('using different default route modes works with global domain identificatio
         $exception = match ($middleware) {
             InitializeTenancyByDomain::class => TenantCouldNotBeIdentifiedOnDomainException::class,
             InitializeTenancyBySubdomain::class => NotASubdomainException::class,
-            InitializeTenancyByDomainOrSubdomain::class => NotASubdomainException::class,
+            InitializeTenancyByDomainOrSubdomain::class => TenantCouldNotBeIdentifiedOnDomainException::class,
         };
 
         expect(fn () => $this->withoutExceptionHandling()->get('http://localhost/central-route'))->toThrow($exception);

tests/PendingTenantsTest.php

@@ -111,6 +111,18 @@ test('a new tenant gets created while pulling a pending tenant if the pending po
     expect(Tenant::withPending()->get()->count())->toBe(1); // All tenants
 });
 
+test('withoutPending chained with where clauses returns correct results', function () {
+    $tenant = Tenant::create();
+    $pendingTenant = Tenant::createPending();
+
+    // The query returned the correct tenant
+    expect(Tenant::withoutPending()->where('id', $tenant->id)->first()->id)->toBe($tenant->id);
+    // No tenant with this ID exists, the query returns null
+    expect(Tenant::withoutPending()->where('id', Str::random(8) . 'nonexistent-id')->first())->toBeNull();
+    // withoutPending() correctly excludes the pending tenant from the query
+    expect(Tenant::withoutPending()->where('id', $pendingTenant->id)->first())->toBeNull();
+});
+
 test('pending tenants are included in all queries based on the include_in_queries config', function () {
     Tenant::createPending();
 

tests/SubdomainTest.php

@@ -7,6 +7,7 @@ use Stancl\Tenancy\Database\Concerns\HasDomains;
 use Stancl\Tenancy\Exceptions\NotASubdomainException;
 use Stancl\Tenancy\Middleware\InitializeTenancyBySubdomain;
 use Stancl\Tenancy\Database\Models;
+use Stancl\Tenancy\Resolvers\DomainTenantResolver;
 use function Stancl\Tenancy\Tests\pest;
 
 beforeEach(function () {
@@ -108,6 +109,14 @@ test('we cant use a subdomain that doesnt belong to our central domains', functi
         ->get('http://foo.localhost/foo/abc/xyz');
 });
 
+test('domain resolver correctly determines if string is a subdomain', function() {
+    config(['tenancy.identification.central_domains' => ['site.com', 'blog.site.com']]);
+
+    expect(DomainTenantResolver::isSubdomain('blog.site.com'))->toBeFalse();
+    expect(DomainTenantResolver::isSubdomain('tenant.site.com'))->toBeTrue();
+    expect(DomainTenantResolver::isSubdomain('tenantsite.com'))->toBeFalse();
+});
+
 class SubdomainTenant extends Models\Tenant
 {
     use HasDomains;