[4.x] URL generation, request data identification improvements (#1357)

* UrlGenerator: set defaults based on config; request data: move config to config file+resolver * Claude code adjustments * improve request data tests, simplify complex test in UrlGeneratorBootstrapperTest * url generator test: test changing tenant parameter name * request data identification: add tenant_model_column configuration * defaultParameterNames -> passQueryParameter * move comment * minor refactor in PathIdentificationTest, expand CLAUDE.md to include early identification section * Fix COLOR_FLAG * improve test name Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * TenancyUrlGenerator: add a check for queryParameterName being null Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Fix code style (php-cs-fixer) --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2025-12-12 14:34:04 +00:00 · 2025-06-02 03:43:47 +02:00 · 2025-06-02 03:43:47 +02:00 · 5f7fd38e5a
commit 5f7fd38e5a
parent f4cc99b317
13 changed files with 440 additions and 126 deletions
--- a/src/Bootstrappers/Integrations/FortifyRouteBootstrapper.php
+++ b/src/Bootstrappers/Integrations/FortifyRouteBootstrapper.php
@ -8,6 +8,7 @@ use Illuminate\Config\Repository;
 use Stancl\Tenancy\Contracts\TenancyBootstrapper;
 use Stancl\Tenancy\Contracts\Tenant;
 use Stancl\Tenancy\Resolvers\PathTenantResolver;
+use Stancl\Tenancy\Resolvers\RequestDataTenantResolver;

 /**
 * Allows customizing Fortify action redirects so that they can also redirect
@ -38,7 +39,7 @@ class FortifyRouteBootstrapper implements TenancyBootstrapper
     * is handled in another way (TenancyUrlGenerator::$passTenantParameter for both,
     * UrlGeneratorBootstrapper:$addTenantParameterToDefaults for path identification).
     */
-    public static bool $passTenantParameter = true;
+    public static bool $passTenantParameter = false;

    /**
     * Tenant route that serves as Fortify's home (e.g. a tenant dashboard route).
@ -47,12 +48,22 @@ class FortifyRouteBootstrapper implements TenancyBootstrapper
    public static string|null $fortifyHome = 'tenant.dashboard';

    /**
-     * Use default parameter names ('tenant' name and tenant key value) instead of the parameter name
-     * and column name configured in the path resolver config.
+     * Follow the query_parameter config instead of the tenant_parameter_name (path identification) config.
     *
-     * You want to enable this when using query string identification while having customized that config.
+     * This only has an effect when:
+     *   - $passTenantParameter is enabled, and
+     *   - the tenant_parameter_name config for the path resolver differs from the query_parameter config for the request data resolver.
+     *
+     * In such a case, instead of adding ['tenant' => '...'] to the route parameters (or whatever your tenant_parameter_name is if not 'tenant'),
+     * the query_parameter will be passed instead, e.g. ['team' => '...'] if your query_parameter config is 'team'.
+     *
+     * This is enabled by default because typically you will not need $passTenantParameter with path identification.
+     * UrlGeneratorBootstrapper::$addTenantParameterToDefaults is recommended instead when using path identification.
+     *
+     * On the other hand, when using request data identification (specifically query string) you WILL need to
+     * pass the parameter therefore you would use $passTenantParameter.
     */
-    public static bool $defaultParameterNames = false;
+    public static bool $passQueryParameter = true;

    protected array $originalFortifyConfig = [];

@ -74,8 +85,14 @@ class FortifyRouteBootstrapper implements TenancyBootstrapper

    protected function useTenantRoutesInFortify(Tenant $tenant): void
    {
-        $tenantParameterName = static::$defaultParameterNames ? 'tenant' : PathTenantResolver::tenantParameterName();
-        $tenantParameterValue = static::$defaultParameterNames ? $tenant->getTenantKey() : PathTenantResolver::tenantParameterValue($tenant);
+        if (static::$passQueryParameter) {
+            // todo@tests
+            $tenantParameterName = RequestDataTenantResolver::queryParameterName();
+            $tenantParameterValue = RequestDataTenantResolver::payloadValue($tenant);
+        } else {
+            $tenantParameterName = PathTenantResolver::tenantParameterName();
+            $tenantParameterValue = PathTenantResolver::tenantParameterValue($tenant);
+        }

        $generateLink = function (string $redirect) use ($tenantParameterValue, $tenantParameterName) {
            return route($redirect, static::$passTenantParameter ? [$tenantParameterName => $tenantParameterValue] : []);
@ -89,7 +106,7 @@ class FortifyRouteBootstrapper implements TenancyBootstrapper

        if (static::$fortifyHome) {
            // Generate the home route URL with the tenant parameter and make it the Fortify home route
-            $this->config->set('fortify.home', route(static::$fortifyHome, static::$passTenantParameter ? [$tenantParameterName => $tenantParameterValue] : []));
+            $this->config->set('fortify.home', $generateLink(static::$fortifyHome));
        }

        $this->config->set('fortify.redirects', $redirects);
--- a/src/Bootstrappers/UrlGeneratorBootstrapper.php
+++ b/src/Bootstrappers/UrlGeneratorBootstrapper.php
@ -67,13 +67,15 @@ class UrlGeneratorBootstrapper implements TenancyBootstrapper
        $defaultParameters = $this->originalUrlGenerator->getDefaultParameters();

        if (static::$addTenantParameterToDefaults) {
-            $defaultParameters = array_merge(
-                $defaultParameters,
-                [
-                    PathTenantResolver::tenantParameterName() => PathTenantResolver::tenantParameterValue($tenant), // path identification
-                    'tenant' => $tenant->getTenantKey(), // query string identification
-                ],
-            );
+            $tenantParameterName = PathTenantResolver::tenantParameterName();
+
+            $defaultParameters = array_merge($defaultParameters, [
+                $tenantParameterName => PathTenantResolver::tenantParameterValue($tenant),
+            ]);
+
+            foreach (PathTenantResolver::allowedExtraModelColumns() as $column) {
+                $defaultParameters["$tenantParameterName:$column"] = $tenant->getAttribute($column);
+            }
        }

        $newGenerator->defaults($defaultParameters);
--- a/src/Middleware/InitializeTenancyByRequestData.php
+++ b/src/Middleware/InitializeTenancyByRequestData.php
@ -18,9 +18,6 @@ class InitializeTenancyByRequestData extends IdentificationMiddleware
 {
    use UsableWithEarlyIdentification;

-    public static string $header = 'X-Tenant';
-    public static string $cookie = 'tenant';
-    public static string $queryParameter = 'tenant';
    public static ?Closure $onFail = null;

    public static bool $requireCookieEncryption = false;
@ -54,18 +51,19 @@ class InitializeTenancyByRequestData extends IdentificationMiddleware

    protected function getPayload(Request $request): string|null
    {
-        if (static::$header && $request->hasHeader(static::$header)) {
-            $payload = $request->header(static::$header);
-        } elseif (
-            static::$queryParameter &&
-            $request->has(static::$queryParameter)
-        ) {
-            $payload = $request->get(static::$queryParameter);
-        } elseif (static::$cookie && $request->hasCookie(static::$cookie)) {
-            $payload = $request->cookie(static::$cookie);
+        $headerName = RequestDataTenantResolver::headerName();
+        $queryParameterName = RequestDataTenantResolver::queryParameterName();
+        $cookieName = RequestDataTenantResolver::cookieName();
+
+        if ($headerName && $request->hasHeader($headerName)) {
+            $payload = $request->header($headerName);
+        } elseif ($queryParameterName && $request->has($queryParameterName)) {
+            $payload = $request->get($queryParameterName);
+        } elseif ($cookieName && $request->hasCookie($cookieName)) {
+            $payload = $request->cookie($cookieName);

            if ($payload && is_string($payload)) {
-                $payload = $this->getTenantFromCookie($payload);
+                $payload = $this->getTenantFromCookie($cookieName, $payload);
            }
        } else {
            $payload = null;
@ -86,12 +84,12 @@ class InitializeTenancyByRequestData extends IdentificationMiddleware
        return (bool) $this->getPayload($request);
    }

-    protected function getTenantFromCookie(string $cookie): string|null
+    protected function getTenantFromCookie(string $cookieName, string $cookieValue): string|null
    {
        // If the cookie looks like it's encrypted, we try decrypting it
-        if (str_starts_with($cookie, 'eyJpdiI')) {
+        if (str_starts_with($cookieValue, 'eyJpdiI')) {
            try {
-                $json = base64_decode($cookie);
+                $json = base64_decode($cookieValue);
                $data = json_decode($json, true);

                if (
@ -100,9 +98,9 @@ class InitializeTenancyByRequestData extends IdentificationMiddleware
                ) {
                    // We can confidently assert that the cookie is encrypted. If this call were to fail, this method would just
                    // return null and the cookie payload would get skipped.
-                    $cookie = CookieValuePrefix::validate(
-                        static::$cookie,
-                        Crypt::decryptString($cookie),
+                    $cookieValue = CookieValuePrefix::validate(
+                        $cookieName,
+                        Crypt::decryptString($cookieValue),
                        Crypt::getAllKeys()
                    );
                }
@ -113,6 +111,6 @@ class InitializeTenancyByRequestData extends IdentificationMiddleware
            return null;
        }

-        return $cookie;
+        return $cookieValue;
    }
 }
--- a/src/Overrides/TenancyUrlGenerator.php
+++ b/src/Overrides/TenancyUrlGenerator.php
@ -9,6 +9,7 @@ use Illuminate\Routing\UrlGenerator;
 use Illuminate\Support\Arr;
 use InvalidArgumentException;
 use Stancl\Tenancy\Resolvers\PathTenantResolver;
+use Stancl\Tenancy\Resolvers\RequestDataTenantResolver;

 /**
 * This class is used in place of the default UrlGenerator when UrlGeneratorBootstrapper is enabled.
@ -86,12 +87,22 @@ class TenancyUrlGenerator extends UrlGenerator
    public static array $overrides = [];

    /**
-     * Use default parameter names ('tenant' name and tenant key value) instead of the parameter name
-     * and column name configured in the path resolver config.
+     * Follow the query_parameter config instead of the tenant_parameter_name (path identification) config.
     *
-     * You want to enable this when using query string identification while having customized that config.
+     * This only has an effect when:
+     *   - $passTenantParameterToRoutes is enabled, and
+     *   - the tenant_parameter_name config for the path resolver differs from the query_parameter config for the request data resolver.
+     *
+     * In such a case, instead of adding ['tenant' => '...'] to the route parameters (or whatever your tenant_parameter_name is if not 'tenant'),
+     * the query_parameter will be passed instead, e.g. ['team' => '...'] if your query_parameter config is 'team'.
+     *
+     * This is enabled by default because typically you will not need $passTenantParameterToRoutes with path identification.
+     * UrlGeneratorBootstrapper::$addTenantParameterToDefaults is recommended instead when using path identification.
+     *
+     * On the other hand, when using request data identification (specifically query string) you WILL need to pass the parameter
+     * directly to route() calls, therefore you would use $passTenantParameterToRoutes to avoid having to do that manually.
     */
-    public static bool $defaultParameterNames = false;
+    public static bool $passQueryParameter = true;

    /**
     * Override the route() method so that the route name gets prefixed
@ -175,11 +186,14 @@ class TenancyUrlGenerator extends UrlGenerator
    protected function addTenantParameter(array $parameters): array
    {
        if (tenant() && static::$passTenantParameterToRoutes) {
-            if (static::$defaultParameterNames) {
-                return array_merge($parameters, ['tenant' => tenant()->getTenantKey()]);
-            } else {
-                return array_merge($parameters, [PathTenantResolver::tenantParameterName() => PathTenantResolver::tenantParameterValue(tenant())]);
+            if (static::$passQueryParameter) {
+                $queryParameterName = RequestDataTenantResolver::queryParameterName();
+                if ($queryParameterName !== null) {
+                    return array_merge($parameters, [$queryParameterName => RequestDataTenantResolver::payloadValue(tenant())]);
+                }
            }
+
+            return array_merge($parameters, [PathTenantResolver::tenantParameterName() => PathTenantResolver::tenantParameterValue(tenant())]);
        } else {
            return $parameters;
        }
--- a/src/Resolvers/RequestDataTenantResolver.php
+++ b/src/Resolvers/RequestDataTenantResolver.php
@ -20,7 +20,9 @@ class RequestDataTenantResolver extends Contracts\CachedTenantResolver
    {
        $payload = (string) $args[0];

-        if ($payload && $tenant = tenancy()->find($payload, withRelations: true)) {
+        $column = static::tenantModelColumn();
+
+        if ($payload && $tenant = tenancy()->find($payload, $column, withRelations: true)) {
            return $tenant;
        }

@ -29,8 +31,43 @@ class RequestDataTenantResolver extends Contracts\CachedTenantResolver

    public function getPossibleCacheKeys(Tenant&Model $tenant): array
    {
+        // todo@tests
        return [
-            $this->formatCacheKey($tenant->getTenantKey()),
+            $this->formatCacheKey(static::payloadValue($tenant)),
        ];
    }
+
+    public static function payloadValue(Tenant $tenant): string
+    {
+        return $tenant->getAttribute(static::tenantModelColumn());
+    }
+
+    public static function tenantModelColumn(): string
+    {
+        return config('tenancy.identification.resolvers.' . static::class . '.tenant_model_column') ?? tenancy()->model()->getTenantKeyName();
+    }
+
+    /**
+     * Returns the name of the header used for identification, or null if header identification is disabled.
+     */
+    public static function headerName(): string|null
+    {
+        return config('tenancy.identification.resolvers.' . static::class . '.header');
+    }
+
+    /**
+     * Returns the name of the query parameter used for identification, or null if query parameter identification is disabled.
+     */
+    public static function queryParameterName(): string|null
+    {
+        return config('tenancy.identification.resolvers.' . static::class . '.query_parameter');
+    }
+
+    /**
+     * Returns the name of the cookie used for identification, or null if cookie identification is disabled.
+     */
+    public static function cookieName(): string|null
+    {
+        return config('tenancy.identification.resolvers.' . static::class . '.cookie');
+    }
 }