mirror of
https://github.com/archtechx/tenancy.git
synced 2026-05-06 19:44:03 +00:00
Add DatabaseTenancyBootstrapper::$harden
Since It's possible to update tenant's db_name to the central DB or the DB of another tenant. Setting $harden to true prevents tenants from connecting to the wrong databases.
This commit is contained in:
lukinovec
parent
1a01164b87
commit
665404e7fa
2 changed files with 88 additions and 2 deletions
|
|
@ -1,18 +1,76 @@
|
|||
<?php
|
||||
|
||||
use Illuminate\Support\Facades\Event;
|
||||
use Stancl\JobPipeline\JobPipeline;
|
||||
use Stancl\Tenancy\Bootstrappers\DatabaseTenancyBootstrapper;
|
||||
use Stancl\Tenancy\Events\TenancyEnded;
|
||||
use Stancl\Tenancy\Events\TenancyInitialized;
|
||||
use Stancl\Tenancy\Jobs\CreateDatabase;
|
||||
use Stancl\Tenancy\Events\TenantCreated;
|
||||
use Stancl\Tenancy\Listeners\BootstrapTenancy;
|
||||
use Stancl\Tenancy\Listeners\RevertToCentralContext;
|
||||
use Stancl\Tenancy\Tests\Etc\Tenant;
|
||||
|
||||
use function Stancl\Tenancy\Tests\pest;
|
||||
use Illuminate\Support\Str;
|
||||
|
||||
beforeEach(function () {
|
||||
$cleanup = function () {
|
||||
DatabaseTenancyBootstrapper::$harden = false;
|
||||
};
|
||||
|
||||
beforeEach(function () use ($cleanup) {
|
||||
Event::listen(TenancyInitialized::class, BootstrapTenancy::class);
|
||||
Event::listen(TenancyEnded::class, RevertToCentralContext::class);
|
||||
|
||||
$cleanup();
|
||||
});
|
||||
|
||||
afterEach($cleanup);
|
||||
|
||||
test('harden prevents tenants from using the central database', function () {
|
||||
config([
|
||||
'tenancy.bootstrappers' => [DatabaseTenancyBootstrapper::class],
|
||||
]);
|
||||
|
||||
DatabaseTenancyBootstrapper::$harden = true;
|
||||
|
||||
Event::listen(TenantCreated::class, JobPipeline::make([CreateDatabase::class])->send(function (TenantCreated $event) {
|
||||
return $event->tenant;
|
||||
})->toListener());
|
||||
|
||||
$tenant = Tenant::create();
|
||||
|
||||
$tenant->update([
|
||||
'tenancy_db_name' => 'main', // Central database name
|
||||
]);
|
||||
|
||||
// Harden blocks initialization for tenants that use central database
|
||||
expect(fn () => tenancy()->initialize($tenant))->toThrow(RuntimeException::class);
|
||||
});
|
||||
|
||||
test('harden prevents tenants from using a database of another tenant', function () {
|
||||
config([
|
||||
'tenancy.bootstrappers' => [DatabaseTenancyBootstrapper::class],
|
||||
]);
|
||||
|
||||
DatabaseTenancyBootstrapper::$harden = true;
|
||||
|
||||
Event::listen(TenantCreated::class, JobPipeline::make([CreateDatabase::class])->send(function (TenantCreated $event) {
|
||||
return $event->tenant;
|
||||
})->toListener());
|
||||
|
||||
$tenant = Tenant::create();
|
||||
|
||||
Tenant::create([
|
||||
'tenancy_db_name' => $tenantDbName = 'foo' . Str::random(8),
|
||||
]);
|
||||
|
||||
$tenant->update([
|
||||
'tenancy_db_name' => $tenantDbName, // Database of another tenant
|
||||
]);
|
||||
|
||||
// Harden blocks initialization for tenants that use a database of another tenant
|
||||
expect(fn () => tenancy()->initialize($tenant))->toThrow(RuntimeException::class);
|
||||
});
|
||||
|
||||
test('database tenancy bootstrapper throws an exception if DATABASE_URL is set', function (string|null $databaseUrl) {
|
||||
|
|
@ -32,4 +90,3 @@ test('database tenancy bootstrapper throws an exception if DATABASE_URL is set',
|
|||
|
||||
expect(true)->toBe(true);
|
||||
})->with(['abc.us-east-1.rds.amazonaws.com', null]);
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue