From 5a1beb1f3b993000748c4567152da4b4ce277c42 Mon Sep 17 00:00:00 2001
From: lukinovec <lukinovec@gmail.com>
Date: Wed, 22 Nov 2023 18:07:58 +0100
Subject: [PATCH] Make Postgres tenant DB password default to central

---
 composer.json                                 | 29 ++++++++++++++-----
 .../Integrations/PostgresRLSBootstrapper.php  | 13 ++-------
 src/Jobs/CreatePostgresUserForTenant.php      |  5 +++-
 3 files changed, 28 insertions(+), 19 deletions(-)

diff --git a/composer.json b/composer.json
index cadd9ee5..14d31ba7 100644
--- a/composer.json
+++ b/composer.json
@@ -31,7 +31,7 @@
         "league/flysystem-aws-s3-v3": "^3.12.2",
         "doctrine/dbal": "^3.6.0",
         "spatie/valuestore": "^1.2.5",
-        "pestphp/pest": "^1.21",
+        "pestphp/pest": "^2.25",
         "nunomaduro/larastan": "^2.4",
         "spatie/invade": "^1.1"
     },
@@ -60,16 +60,31 @@
         }
     },
     "scripts": {
-        "docker-up": "PHP_VERSION=8.2 docker-compose up -d",
-        "docker-down": "PHP_VERSION=8.2 docker-compose down",
-        "docker-rebuild": "PHP_VERSION=8.2 docker-compose up -d --no-deps --build",
+        "docker-up": [
+            "@putenv PHP_VERSION=8.2",
+            "docker-compose up -d"
+        ],
+        "docker-down": [
+            "@putenv PHP_VERSION=8.2",
+            "docker-compose down"
+        ],
+        "docker-rebuild": [
+            "@putenv PHP_VERSION=8.2",
+            "docker-compose up -d --no-deps --build"
+        ],
+        "test": [
+            "@putenv PHP_VERSION=8.2",
+            "./test --no-coverage"
+        ],
+        "test-full": [
+            "@putenv PHP_VERSION=8.2",
+            "./test"
+        ],
         "docker-m1": "ln -s docker-compose-m1.override.yml docker-compose.override.yml",
         "coverage": "open coverage/phpunit/html/index.html",
         "phpstan": "vendor/bin/phpstan",
         "phpstan-pro": "vendor/bin/phpstan --pro",
-        "cs": "php-cs-fixer fix --config=.php-cs-fixer.php",
-        "test": "PHP_VERSION=8.2 ./test --no-coverage",
-        "test-full": "PHP_VERSION=8.2 ./test"
+        "cs": "php-cs-fixer fix --config=.php-cs-fixer.php"
     },
     "minimum-stability": "dev",
     "prefer-stable": true,
diff --git a/src/Bootstrappers/Integrations/PostgresRLSBootstrapper.php b/src/Bootstrappers/Integrations/PostgresRLSBootstrapper.php
index 092551f4..57b5ccf6 100644
--- a/src/Bootstrappers/Integrations/PostgresRLSBootstrapper.php
+++ b/src/Bootstrappers/Integrations/PostgresRLSBootstrapper.php
@@ -23,11 +23,6 @@ class PostgresRLSBootstrapper implements TenancyBootstrapper
 {
     protected array $originalCentralConnectionConfig;
 
-    /**
-     * Must not return an empty string.
-     */
-    public static string|Closure $defaultPassword = 'password';
-
     public function __construct(
         protected Repository $config,
         protected DatabaseManager $database,
@@ -38,13 +33,14 @@ class PostgresRLSBootstrapper implements TenancyBootstrapper
     public function bootstrap(Tenant $tenant): void
     {
         $centralConnection = $this->config->get('tenancy.database.central_connection');
+        $centralConnectionPassword = $this->config->get("database.connections.$centralConnection.password");
 
         $this->database->purge($centralConnection);
 
         /** @var TenantWithDatabase $tenant */
         $this->config->set([
             'database.connections.' . $centralConnection . '.username' => $tenant->database()->getUsername() ?? $tenant->getTenantKey(),
-            'database.connections.' . $centralConnection . '.password' => $tenant->database()->getPassword() ?? $this->getDefaultPassword(),
+            'database.connections.' . $centralConnection . '.password' => $tenant->database()->getPassword() ?? $centralConnectionPassword,
         ]);
     }
 
@@ -56,9 +52,4 @@ class PostgresRLSBootstrapper implements TenancyBootstrapper
 
         $this->config->set('database.connections.' . $centralConnection, $this->originalCentralConnectionConfig);
     }
-
-    public static function getDefaultPassword(): string
-    {
-        return is_string(static::$defaultPassword) ? static::$defaultPassword : (static::$defaultPassword)();
-    }
 }
diff --git a/src/Jobs/CreatePostgresUserForTenant.php b/src/Jobs/CreatePostgresUserForTenant.php
index f9a9ecce..64ae0dbe 100644
--- a/src/Jobs/CreatePostgresUserForTenant.php
+++ b/src/Jobs/CreatePostgresUserForTenant.php
@@ -35,8 +35,11 @@ class CreatePostgresUserForTenant implements ShouldQueue
      */
     public function handle()
     {
+        $centralConnection = config('tenancy.database.central_connection');
+        $centralConnectionPassword = config("database.connections.$centralConnection.password");
+
         $name = $this->tenant->database()->getUsername() ?? $this->tenant->getTenantKey();
-        $password = $this->tenant->database()->getPassword() ?? PostgresRLSBootstrapper::getDefaultPassword();
+        $password = $this->tenant->database()->getPassword() ?? $centralConnectionPassword;
 
         // Create the user only if it doesn't already exist
         if (! count(DB::select('SELECT usename FROM pg_user WHERE usename = $1', [$name])) > 0) {