archtechx/tenancy
1
0
Fork 0
mirror of https://github.com/archtechx/tenancy.git synced 2026-02-05 09:54:05 +00:00
Code Activity

Simplify CreateRLSPoliciesForTenantTables

Browse source
This commit is contained in:
lukinovec 2023-06-07 10:03:40 +02:00
parent 1bc6885a4c
commit 6bd23d5e3e
1 changed files with 21 additions and 33 deletions
Download patch file Download diff file Expand all files Collapse all files

54
src/Commands/CreateRLSPoliciesForTenantTables.php
View file

@ -19,9 +19,9 @@ class CreateRLSPoliciesForTenantTables extends Command
public function handle(): int public function handle(): int
{ {
foreach (tenancy()->getModels() as $model) { DB::transaction(function () {
DB::transaction(fn () => $this->useRlsOnModel($model)); tenancy()->getModels()->each(fn (Model $model) => $this->useRlsOnModel($model));
} });
return Command::SUCCESS; return Command::SUCCESS;
} }
@ -36,46 +36,34 @@ class CreateRLSPoliciesForTenantTables extends Command
DB::statement("DROP POLICY IF EXISTS {$table}_rls_policy ON {$table}"); DB::statement("DROP POLICY IF EXISTS {$table}_rls_policy ON {$table}");
if (! tenancy()->modelBelongsToTenant($model)) { if (tenancy()->modelBelongsToTenant($model)) {
// Table is not directly related to a tenant
if (tenancy()->modelBelongsToTenantIndirectly($model)) {
$this->makeSecondaryModelUseRls($model);
} else {
$this->components->info("Skipping RLS policy creation table '$table' is not related to a tenant.");
}
} else {
DB::statement("CREATE POLICY {$table}_rls_policy ON {$table} USING ({$tenantKey}::TEXT = current_user);"); DB::statement("CREATE POLICY {$table}_rls_policy ON {$table} USING ({$tenantKey}::TEXT = current_user);");
$this->enableRls($table); $this->enableRls($table);
$this->components->info("Created RLS policy for table '$table'"); $this->components->info("Created RLS policy for table '$table'");
} }
}
protected function makeSecondaryModelUseRls(Model $model): void if (tenancy()->modelBelongsToTenantIndirectly($model)) {
{ /** @phpstan-ignore-next-line */
$table = $model->getTable(); $parentName = $model->getRelationshipToPrimaryModel();
$tenantKey = tenancy()->tenantKeyColumn(); $parentKey = $model->$parentName()->getForeignKeyName();
$parentTable = $model->$parentName()->make()->getTable();
/** @phpstan-ignore-next-line */ DB::statement("CREATE POLICY {$table}_rls_policy ON {$table} USING (
$parentName = $model->getRelationshipToPrimaryModel(); {$parentKey} IN (
$parentKey = $model->$parentName()->getForeignKeyName(); SELECT id
$parentModel = $model->$parentName()->make();
$parentTable = $parentModel->getTable();
DB::statement("CREATE POLICY {$table}_rls_policy ON {$table} USING (
{$parentKey} IN (
SELECT id
FROM {$parentTable}
WHERE ({$tenantKey} = (
SELECT {$tenantKey}
FROM {$parentTable} FROM {$parentTable}
WHERE id = {$parentKey} WHERE ({$tenantKey} = (
)) SELECT {$tenantKey}
) FROM {$parentTable}
)"); WHERE id = {$parentKey}
))
)
)");
$this->enableRls($table); $this->enableRls($table);
}
} }
protected function enableRls(string $table): void protected function enableRls(string $table): void