archtechx/tenancy
1
0
Fork 0
mirror of https://github.com/archtechx/tenancy.git synced 2026-02-05 07:54:03 +00:00
Code Activity

Merge branch 'may25' into rls-fake-constrained-foreign-keys

Browse source
This commit is contained in:
Samuel Štancl 2025-06-05 05:08:14 +02:00
commit 8c773245f7
20 changed files with 776 additions and 151 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tests/Bootstrappers/FortifyRouteBootstrapperTest.php
View file

@ -20,7 +20,7 @@ afterEach(function () {
FortifyRouteBootstrapper::$passTenantParameter = true;
FortifyRouteBootstrapper::$fortifyRedirectMap = [];
FortifyRouteBootstrapper::$fortifyHome = 'tenant.dashboard';
FortifyRouteBootstrapper::$defaultParameterNames = false;
FortifyRouteBootstrapper::$passQueryParameter = false;
});
test('fortify route tenancy bootstrapper updates fortify config correctly', function() {

232
tests/Bootstrappers/UrlGeneratorBootstrapperTest.php
View file

@ -1,5 +1,6 @@
<?php
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Routing\UrlGenerator;
use Stancl\Tenancy\Tests\Etc\Tenant;
use Illuminate\Support\Facades\Event;
@ -12,8 +13,13 @@ use Stancl\Tenancy\Overrides\TenancyUrlGenerator;
use Stancl\Tenancy\Listeners\RevertToCentralContext;
use Stancl\Tenancy\Middleware\InitializeTenancyByPath;
use Illuminate\Routing\Exceptions\UrlGenerationException;
use Illuminate\Support\Facades\Schema;
use Stancl\Tenancy\Bootstrappers\UrlGeneratorBootstrapper;
use Stancl\Tenancy\Exceptions\TenantCouldNotBeIdentifiedByRequestDataException;
use Stancl\Tenancy\Middleware\InitializeTenancyByRequestData;
use Stancl\Tenancy\Resolvers\RequestDataTenantResolver;
use function Stancl\Tenancy\Tests\pest;
beforeEach(function () {
Event::listen(TenancyInitialized::class, BootstrapTenancy::class);
@ -44,82 +50,224 @@ test('url generator bootstrapper swaps the url generator instance correctly', fu
});
test('tenancy url generator can prefix route names passed to the route helper', function() {
Route::get('/central/home', fn () => route('home'))->name('home');
// Tenant route name prefix is 'tenant.' by default
Route::get('/tenant/home', fn () => route('tenant.home'))->name('tenant.home');
config([
'tenancy.identification.resolvers.' . PathTenantResolver::class . '.tenant_route_name_prefix' => 'custom_prefix.',
]);
Route::get('/central/home', fn () => '')->name('home');
Route::get('/tenant/home', fn () => '')->name('custom_prefix.home');
$tenant = Tenant::create();
$centralRouteUrl = route('home');
$tenantRouteUrl = route('tenant.home');
config(['tenancy.bootstrappers' => [UrlGeneratorBootstrapper::class]]);
tenancy()->initialize($tenant);
// Route names don't get prefixed when TenancyUrlGenerator::$prefixRouteNames is false (default)
expect(route('home'))->toBe($centralRouteUrl);
expect(route('home'))->toBe('http://localhost/central/home');
// When $prefixRouteNames is true, the route name passed to the route() helper ('home') gets prefixed with 'tenant.' automatically.
// When $prefixRouteNames is true, the route name passed to the route() helper ('home') gets prefixed automatically.
TenancyUrlGenerator::$prefixRouteNames = true;
expect(route('home'))->toBe($tenantRouteUrl);
expect(route('home'))->toBe('http://localhost/tenant/home');
// The 'tenant.home' route name doesn't get prefixed -- it is already prefixed with 'tenant.'
expect(route('tenant.home'))->toBe($tenantRouteUrl);
// The 'custom_prefix.home' route name doesn't get prefixed -- it is already prefixed with 'custom_prefix.'
expect(route('custom_prefix.home'))->toBe('http://localhost/tenant/home');
// Ending tenancy reverts route() behavior changes
tenancy()->end();
expect(route('home'))->toBe($centralRouteUrl);
expect(route('home'))->toBe('http://localhost/central/home');
});
test('the route helper can receive the tenant parameter automatically', function (
string $identification,
bool $addTenantParameterToDefaults,
bool $passTenantParameterToRoutes,
) {
test('path identification route helper behavior', function (bool $addTenantParameterToDefaults, bool $passTenantParameterToRoutes) {
config(['tenancy.bootstrappers' => [UrlGeneratorBootstrapper::class]]);
$appUrl = config('app.url');
UrlGeneratorBootstrapper::$addTenantParameterToDefaults = $addTenantParameterToDefaults;
// When the tenant parameter isn't added to defaults, the tenant parameter has to be passed "manually"
// by setting $passTenantParameterToRoutes to true. This is only preferable with query string identification.
// With path identification, this ultimately doesn't have any effect
// if UrlGeneratorBootstrapper::$addTenantParameterToDefaults is true,
// but TenancyUrlGenerator::$passTenantParameterToRoutes can still be used instead.
TenancyUrlGenerator::$passTenantParameterToRoutes = $passTenantParameterToRoutes;
$tenant = Tenant::create();
$tenantKey = $tenant->getTenantKey();
Route::get('/central/home', fn () => route('home'))->name('home');
$tenantRoute = $identification === InitializeTenancyByPath::class ? "/{tenant}/home" : "/tenant/home";
Route::get($tenantRoute, fn () => route('tenant.home'))
Route::get('/{tenant}/home', fn () => tenant('id'))
->name('tenant.home')
->middleware(['tenant', $identification]);
->middleware([InitializeTenancyByPath::class]);
tenancy()->initialize($tenant);
$expectedUrl = match (true) {
$identification === InitializeTenancyByRequestData::class && $passTenantParameterToRoutes => "{$appUrl}/tenant/home?tenant={$tenantKey}",
$identification === InitializeTenancyByRequestData::class => "{$appUrl}/tenant/home", // $passTenantParameterToRoutes is false
$identification === InitializeTenancyByPath::class && ($addTenantParameterToDefaults || $passTenantParameterToRoutes) => "{$appUrl}/{$tenantKey}/home",
$identification === InitializeTenancyByPath::class => null, // Should throw an exception -- route() doesn't receive the tenant parameter in this case
};
if ($expectedUrl === null) {
if (! $addTenantParameterToDefaults && ! $passTenantParameterToRoutes) {
expect(fn () => route('tenant.home'))->toThrow(UrlGenerationException::class, 'Missing parameter: tenant');
} else {
expect(route('tenant.home'))->toBe($expectedUrl);
// If at least *one* of the approaches was used, the parameter will make its way to the route
expect(route('tenant.home'))->toBe("http://localhost/{$tenant->id}/home");
pest()->get(route('tenant.home'))->assertSee($tenant->id);
}
})->with([InitializeTenancyByPath::class, InitializeTenancyByRequestData::class])
->with([true, false]) // UrlGeneratorBootstrapper::$addTenantParameterToDefaults
})->with([true, false]) // UrlGeneratorBootstrapper::$addTenantParameterToDefaults
->with([true, false]); // TenancyUrlGenerator::$passTenantParameterToRoutes
test('request data identification route helper behavior', function (bool $addTenantParameterToDefaults, bool $passTenantParameterToRoutes) {
config(['tenancy.bootstrappers' => [UrlGeneratorBootstrapper::class]]);
UrlGeneratorBootstrapper::$addTenantParameterToDefaults = $addTenantParameterToDefaults;
TenancyUrlGenerator::$passTenantParameterToRoutes = $passTenantParameterToRoutes;
$tenant = Tenant::create();
Route::get('/tenant/home', fn () => tenant('id'))
->name('tenant.home')
->middleware([InitializeTenancyByRequestData::class]);
tenancy()->initialize($tenant);
if ($passTenantParameterToRoutes) {
// Only $passTenantParameterToRoutes has an effect, defaults do not affect request data URL generation
expect(route('tenant.home'))->toBe("http://localhost/tenant/home?tenant={$tenant->id}");
pest()->get(route('tenant.home'))->assertSee($tenant->id);
} else {
expect(route('tenant.home'))->toBe("http://localhost/tenant/home");
expect(fn () => $this->withoutExceptionHandling()->get(route('tenant.home')))->toThrow(TenantCouldNotBeIdentifiedByRequestDataException::class);
}
})->with([true, false]) // UrlGeneratorBootstrapper::$addTenantParameterToDefaults
->with([true, false]); // TenancyUrlGenerator::$passTenantParameterToRoutes
test('changing request data query parameter and model column is respected by the url generator', function () {
config([
'tenancy.bootstrappers' => [UrlGeneratorBootstrapper::class],
'tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.query_parameter' => 'team',
'tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.tenant_model_column' => 'slug',
]);
Tenant::$extraCustomColumns = ['slug'];
Schema::table('tenants', function (Blueprint $table) {
$table->string('slug')->unique();
});
TenancyUrlGenerator::$passTenantParameterToRoutes = true;
$tenant = Tenant::create(['slug' => 'acme']);
Route::get('/tenant/home', fn () => tenant('id'))
->name('tenant.home')
->middleware([InitializeTenancyByRequestData::class]);
tenancy()->initialize($tenant);
expect(route('tenant.home'))->toBe("http://localhost/tenant/home?team=acme");
pest()->get(route('tenant.home'))->assertSee($tenant->id);
});
test('setting extra model columns sets additional URL defaults', function () {
Tenant::$extraCustomColumns = ['slug'];
TenancyUrlGenerator::$passTenantParameterToRoutes = false;
UrlGeneratorBootstrapper::$addTenantParameterToDefaults = true;
config(['tenancy.bootstrappers' => [UrlGeneratorBootstrapper::class]]);
config(['tenancy.identification.resolvers.' . PathTenantResolver::class . '.allowed_extra_model_columns' => ['slug']]);
Schema::table('tenants', function (Blueprint $table) {
$table->string('slug')->unique();
});
Route::get('/{tenant}/foo/{user}', function (string $user) {
return tenant()->getTenantKey() . " $user";
})->middleware([InitializeTenancyByPath::class, 'web'])->name('foo');
Route::get('/{tenant:slug}/fooslug/{user}', function (string $user) {
return tenant()->getTenantKey() . " $user";
})->middleware([InitializeTenancyByPath::class, 'web'])->name('fooslug');
$tenant = Tenant::create(['slug' => 'acme']);
// In central context, no URL defaults are applied
expect(route('foo', [$tenant->getTenantKey(), 'bar']))->toBe("http://localhost/{$tenant->getTenantKey()}/foo/bar");
pest()->get(route('foo', [$tenant->getTenantKey(), 'bar']))->assertSee(tenant()->getTenantKey() . ' bar');
tenancy()->end();
expect(route('fooslug', ['acme', 'bar']))->toBe('http://localhost/acme/fooslug/bar');
pest()->get(route('fooslug', ['acme', 'bar']))->assertSee(tenant()->getTenantKey() . ' bar');
tenancy()->end();
// In tenant context, URL defaults are applied
tenancy()->initialize($tenant);
expect(route('foo', ['bar']))->toBe("http://localhost/{$tenant->getTenantKey()}/foo/bar");
pest()->get(route('foo', ['bar']))->assertSee(tenant()->getTenantKey() . ' bar');
expect(route('fooslug', ['bar']))->toBe('http://localhost/acme/fooslug/bar');
pest()->get(route('fooslug', ['bar']))->assertSee(tenant()->getTenantKey() . ' bar');
});
test('changing the tenant model column changes the default value for the tenant parameter', function () {
Tenant::$extraCustomColumns = ['slug'];
TenancyUrlGenerator::$passTenantParameterToRoutes = false;
UrlGeneratorBootstrapper::$addTenantParameterToDefaults = true;
config(['tenancy.bootstrappers' => [UrlGeneratorBootstrapper::class]]);
config(['tenancy.identification.resolvers.' . PathTenantResolver::class . '.tenant_model_column' => 'slug']);
Schema::table('tenants', function (Blueprint $table) {
$table->string('slug')->unique();
});
Route::get('/{tenant}/foo/{user}', function (string $user) {
return tenant()->getTenantKey() . " $user";
})->middleware([InitializeTenancyByPath::class, 'web'])->name('foo');
$tenant = Tenant::create(['slug' => 'acme']);
// In central context, no URL defaults are applied
expect(route('foo', ['acme', 'bar']))->toBe("http://localhost/acme/foo/bar");
pest()->get(route('foo', ['acme', 'bar']))->assertSee(tenant()->getTenantKey() . ' bar');
tenancy()->end();
// In tenant context, URL defaults are applied
tenancy()->initialize($tenant);
expect(route('foo', ['bar']))->toBe("http://localhost/acme/foo/bar");
pest()->get(route('foo', ['bar']))->assertSee(tenant()->getTenantKey() . ' bar');
});
test('changing the tenant parameter name is respected by the url generator', function () {
Tenant::$extraCustomColumns = ['slug', 'slug2'];
TenancyUrlGenerator::$passTenantParameterToRoutes = false;
UrlGeneratorBootstrapper::$addTenantParameterToDefaults = true;
config(['tenancy.bootstrappers' => [UrlGeneratorBootstrapper::class]]);
config(['tenancy.identification.resolvers.' . PathTenantResolver::class . '.tenant_parameter_name' => 'team']);
config(['tenancy.identification.resolvers.' . PathTenantResolver::class . '.tenant_model_column' => 'slug']);
config(['tenancy.identification.resolvers.' . PathTenantResolver::class . '.allowed_extra_model_columns' => ['slug2']]);
Schema::table('tenants', function (Blueprint $table) {
$table->string('slug')->unique();
$table->string('slug2')->unique();
});
Route::get('/{team}/foo/{user}', function (string $user) {
return tenant()->getTenantKey() . " $user";
})->middleware([InitializeTenancyByPath::class, 'web'])->name('foo');
Route::get('/{team:slug2}/fooslug2/{user}', function (string $user) {
return tenant()->getTenantKey() . " $user";
})->middleware([InitializeTenancyByPath::class, 'web'])->name('fooslug2');
$tenant = Tenant::create(['slug' => 'acme', 'slug2' => 'acme2']);
// In central context, no URL defaults are applied
expect(route('foo', ['acme', 'bar']))->toBe("http://localhost/acme/foo/bar");
pest()->get(route('foo', ['acme', 'bar']))->assertSee(tenant()->getTenantKey() . ' bar');
tenancy()->end();
expect(route('fooslug2', ['acme2', 'bar']))->toBe("http://localhost/acme2/fooslug2/bar");
pest()->get(route('fooslug2', ['acme2', 'bar']))->assertSee(tenant()->getTenantKey() . ' bar');
tenancy()->end();
// In tenant context, URL defaults are applied
tenancy()->initialize($tenant);
expect(route('foo', ['bar']))->toBe("http://localhost/acme/foo/bar");
pest()->get(route('foo', ['bar']))->assertSee(tenant()->getTenantKey() . ' bar');
expect(route('fooslug2', ['bar']))->toBe("http://localhost/acme2/fooslug2/bar");
pest()->get(route('fooslug2', ['bar']))->assertSee(tenant()->getTenantKey() . ' bar');
});
test('url generator can override specific route names', function() {
config(['tenancy.bootstrappers' => [UrlGeneratorBootstrapper::class]]);

61
tests/PathIdentificationTest.php
View file

@ -3,15 +3,29 @@
declare(strict_types=1);
use Illuminate\Contracts\Http\Kernel;
use Illuminate\Database\QueryException;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Routing\Middleware\SubstituteBindings;
use Illuminate\Support\Facades\Route;
use Illuminate\Support\Facades\Schema;
use Illuminate\Support\Facades\Event;
use Stancl\Tenancy\Exceptions\RouteIsMissingTenantParameterException;
use Stancl\Tenancy\Exceptions\TenantColumnNotWhitelistedException;
use Stancl\Tenancy\Exceptions\TenantCouldNotBeIdentifiedByPathException;
use Stancl\Tenancy\Middleware\InitializeTenancyByPath;
use Stancl\Tenancy\Resolvers\PathTenantResolver;
use Stancl\Tenancy\Tests\Etc\Tenant;
use Stancl\Tenancy\Events\TenantCreated;
use Stancl\Tenancy\Jobs\CreateDatabase;
use Stancl\Tenancy\Jobs\MigrateDatabase;
use Stancl\JobPipeline\JobPipeline;
use Stancl\Tenancy\Events\TenancyInitialized;
use Stancl\Tenancy\Listeners\BootstrapTenancy;
use Stancl\Tenancy\Listeners\RevertToCentralContext;
use Stancl\Tenancy\Tests\Etc\User;
use Stancl\Tenancy\Bootstrappers\DatabaseTenancyBootstrapper;
use Stancl\Tenancy\Events\TenancyEnded;
use function Stancl\Tenancy\Tests\pest;
beforeEach(function () {
@ -35,6 +49,11 @@ beforeEach(function () {
});
});
afterEach(function () {
InitializeTenancyByPath::$onFail = null;
Tenant::$extraCustomColumns = [];
});
test('tenant can be identified by path', function () {
Tenant::create([
'id' => 'acme',
@ -150,6 +169,7 @@ test('central route can have a parameter with the same name as the tenant parame
config(['tenancy.identification.resolvers.' . PathTenantResolver::class . '.tenant_parameter_name' => 'team']);
$tenantKey = Tenant::create()->getTenantKey();
// The route is flagged as central (while using kernel identification) so the {team} parameter should not be used for tenancy initialization
Route::get('/central/route/{team}/{a}/{b}', function ($team, $a, $b) {
return "$a + $b + $team";
})->middleware('central')->name('central-route');
@ -185,8 +205,6 @@ test('the tenant model column can be customized in the config', function () {
$this->withoutExceptionHandling();
pest()->get('/acme/foo')->assertSee($tenant->getTenantKey());
expect(fn () => pest()->get($tenant->id . '/foo'))->toThrow(TenantCouldNotBeIdentifiedByPathException::class);
Tenant::$extraCustomColumns = []; // static property reset
});
test('the tenant model column can be customized in the route definition', function () {
@ -218,8 +236,6 @@ test('the tenant model column can be customized in the route definition', functi
// Binding field defined
pest()->get('/acme/bar')->assertSee($tenant->getTenantKey());
expect(fn () => pest()->get($tenant->id . '/bar'))->toThrow(TenantCouldNotBeIdentifiedByPathException::class);
Tenant::$extraCustomColumns = []; // static property reset
});
test('any extra model column needs to be whitelisted', function () {
@ -243,6 +259,39 @@ test('any extra model column needs to be whitelisted', function () {
// After whitelisting the column it works
config(['tenancy.identification.resolvers.' . PathTenantResolver::class . '.allowed_extra_model_columns' => ['slug']]);
pest()->get('/acme/foo')->assertSee($tenant->getTenantKey());
Tenant::$extraCustomColumns = []; // static property reset
});
test('route model binding works with path identification', function() {
config(['tenancy.bootstrappers' => [DatabaseTenancyBootstrapper::class]]);
Event::listen(TenancyInitialized::class, BootstrapTenancy::class);
Event::listen(TenantCreated::class, JobPipeline::make([
CreateDatabase::class, MigrateDatabase::class,
])->send(fn (TenantCreated $event) => $event->tenant)->toListener());
Event::listen(TenancyEnded::class, RevertToCentralContext::class);
$tenant = Tenant::create();
$this->withoutExceptionHandling();
// Importantly, the route must have the 'web' middleware group, or SubstituteBindings directly
Route::get('/{tenant}/foo/{user}', fn (User $user) => $user->name)->middleware([InitializeTenancyByPath::class, 'web']);
Route::get('/{tenant}/bar/{user}', fn (User $user) => $user->name)->middleware([InitializeTenancyByPath::class, SubstituteBindings::class]);
$user = $tenant->run(fn () => User::create(['name' => 'John Doe', 'email' => 'john@doe.com', 'password' => 'foobar']));
pest()->get("/{$tenant->id}/foo/{$user->id}")->assertSee("John Doe");
tenancy()->end();
pest()->get("/{$tenant->id}/bar/{$user->id}")->assertSee("John Doe");
tenancy()->end();
// If SubstituteBindings comes BEFORE tenancy middleware and middleware priority is not set, route model binding is NOT expected to work correctly
// Since SubstituteBindings runs first, it tries to query the central database instead of the tenant database (which fails with a QueryException in this case)
Route::get('/{tenant}/baz/{user}', fn (User $user) => $user->name ?: 'No user')->middleware([SubstituteBindings::class, InitializeTenancyByPath::class]);
expect(fn () => pest()->get("/{$tenant->id}/baz/{$user->id}"))->toThrow(QueryException::class);
tenancy()->end();
// If SubstituteBindings is NOT USED AT ALL, we simply get an empty User instance
Route::get('/{tenant}/xyz/{user}', fn (User $user) => $user->name ?: 'No user')->middleware([InitializeTenancyByPath::class]);
pest()->get("/{$tenant->id}/xyz/{$user->id}")->assertSee('No user');
});

14
tests/RLS/PolicyTest.php
View file

@ -20,6 +20,7 @@ use Stancl\Tenancy\Bootstrappers\PostgresRLSBootstrapper;
use function Stancl\Tenancy\Tests\pest;
beforeEach(function () {
CreateUserWithRLSPolicies::$forceRls = true;
TraitRLSManager::$excludedModels = [Article::class];
TraitRLSManager::$modelDirectories = [__DIR__ . '/Etc'];
@ -79,6 +80,10 @@ beforeEach(function () {
});
});
afterEach(function () {
CreateUserWithRLSPolicies::$forceRls = true;
});
// Regression test for https://github.com/archtechx/tenancy/pull/1280
test('rls command doesnt fail when a view is in the database', function (string $manager) {
DB::statement("
@ -184,7 +189,9 @@ test('rls command recreates policies if the force option is passed', function (s
TraitRLSManager::class,
]);
test('queries will stop working when the tenant session variable is not set', function(string $manager) {
test('queries will stop working when the tenant session variable is not set', function(string $manager, bool $forceRls) {
CreateUserWithRLSPolicies::$forceRls = $forceRls;
config(['tenancy.rls.manager' => $manager]);
$sessionVariableName = config('tenancy.rls.session_variable_name');
@ -216,7 +223,4 @@ test('queries will stop working when the tenant session variable is not set', fu
INSERT INTO posts (text, tenant_id, author_id)
VALUES ('post2', ?, ?)
SQL, [$tenant->id, $authorId]))->toThrow(QueryException::class);
})->with([
TableRLSManager::class,
TraitRLSManager::class,
]);
})->with([TableRLSManager::class, TraitRLSManager::class])->with([true, false]);

146
tests/RLS/TableManagerTest.php
View file

@ -23,6 +23,7 @@ use function Stancl\Tenancy\Tests\pest;
use Stancl\Tenancy\Exceptions\RLSCommentConstraintException;
beforeEach(function () {
CreateUserWithRLSPolicies::$forceRls = true;
TableRLSManager::$scopeByDefault = true;
Event::listen(TenancyInitialized::class, BootstrapTenancy::class);
@ -108,6 +109,10 @@ beforeEach(function () {
});
});
afterEach(function () {
CreateUserWithRLSPolicies::$forceRls = true;
});
test('correct rls policies get created with the correct hash using table manager', function() {
$manager = app(config('tenancy.rls.manager'));
@ -160,7 +165,9 @@ test('correct rls policies get created with the correct hash using table manager
}
});
test('queries are correctly scoped using RLS', function() {
test('queries are correctly scoped using RLS', function (bool $forceRls) {
CreateUserWithRLSPolicies::$forceRls = $forceRls;
// 3-levels deep relationship
Schema::create('notes', function (Blueprint $table) {
$table->id();
@ -321,7 +328,7 @@ test('queries are correctly scoped using RLS', function() {
expect(fn () => DB::statement("INSERT INTO notes (text, comment_id) VALUES ('baz', {$post1Comment->id})"))
->toThrow(QueryException::class);
});
})->with([true, false]);
test('table rls manager generates shortest paths that lead to the tenants table correctly', function (bool $scopeByDefault) {
TableRLSManager::$scopeByDefault = $scopeByDefault;
@ -451,6 +458,109 @@ test('table rls manager generates shortest paths that lead to the tenants table
]);
})->with([true, false]);
// https://github.com/archtechx/tenancy/pull/1293
test('forceRls prevents even the table owner from querying his own tables if he doesnt have a BYPASSRLS permission', function (bool $forceRls) {
CreateUserWithRLSPolicies::$forceRls = $forceRls;
// Drop all tables created in beforeEach
DB::statement("DROP TABLE authors, categories, posts, comments, reactions, articles;");
// Create a new user so we have full control over the permissions.
// We explicitly set bypassRls to false.
[$username, $password] = createPostgresUser('administrator', bypassRls: false);
config(['database.connections.central' => array_merge(config('database.connections.pgsql'), [
'username' => $username,
'password' => $password,
])]);
DB::reconnect();
// This table is owned by the newly created 'administrator' user
Schema::create('orders', function (Blueprint $table) {
$table->id();
$table->string('name');
$table->string('tenant_id')->comment('rls');
$table->foreign('tenant_id')->references('id')->on('tenants')->onUpdate('cascade')->onDelete('cascade');
$table->timestamps();
});
$tenant1 = Tenant::create();
// Create RLS policy for the orders table
pest()->artisan('tenants:rls');
$tenant1->run(fn () => Order::create(['name' => 'order1', 'tenant_id' => $tenant1->getTenantKey()]));
// We are still using the 'administrator' user - owner of the orders table
if ($forceRls) {
// RLS is forced, so by default, not even the table owner should be able to query the table protected by the RLS policy.
// The RLS policy is not being bypassed, 'unrecognized configuration parameter' means
// that the my.current_tenant session variable isn't set -- the RLS policy is *still* being enforced.
expect(fn () => Order::first())->toThrow(QueryException::class, 'unrecognized configuration parameter "my.current_tenant"');
} else {
// RLS is not forced, so the table owner should be able to query the table, bypassing the RLS policy
expect(Order::first())->not()->toBeNull();
}
})->with([true, false]);
test('users with BYPASSRLS privilege can bypass RLS regardless of forceRls setting', function (bool $forceRls, bool $bypassRls) {
CreateUserWithRLSPolicies::$forceRls = $forceRls;
// Drop all tables created in beforeEach
DB::statement("DROP TABLE authors, categories, posts, comments, reactions, articles;");
// Create a new user so we have control over his BYPASSRLS permission
// and use that as the new central connection user
[$username, $password] = createPostgresUser('administrator', 'password', $bypassRls);
config(['database.connections.central' => array_merge(config('database.connections.pgsql'), [
'username' => $username,
'password' => $password,
])]);
DB::reconnect();
Schema::create('orders', function (Blueprint $table) {
$table->id();
$table->string('name');
$table->string('tenant_id')->comment('rls');
$table->foreign('tenant_id')->references('id')->on('tenants')->onUpdate('cascade')->onDelete('cascade');
$table->timestamps();
});
$tenant1 = Tenant::create();
// Create RLS policy for the orders table
pest()->artisan('tenants:rls');
$tenant1->run(fn () => Order::create(['name' => 'order1', 'tenant_id' => $tenant1->getTenantKey()]));
// We are still using the 'administrator' user
if ($bypassRls) {
// Users with BYPASSRLS can always query tables regardless of forceRls setting
expect(Order::count())->toBe(1);
expect(Order::first()->name)->toBe('order1');
} else {
// Users without BYPASSRLS are subject to RLS policies even if they're table owners when forceRls is true
// OR they can bypass as table owners (when forceRls=false)
if ($forceRls) {
// Even table owners need session variable -- this means RLS was NOT bypassed
expect(fn () => Order::first())->toThrow(QueryException::class, 'unrecognized configuration parameter "my.current_tenant"');
} else {
// Table owners can bypass RLS automatically when forceRls is false
expect(Order::count())->toBe(1);
expect(Order::first()->name)->toBe('order1');
}
}
})->with([true, false])->with([true, false]);
test('table rls manager generates queries correctly', function() {
expect(array_values(app(TableRLSManager::class)->generateQueries()))->toEqualCanonicalizing([
<<<SQL
@ -700,6 +810,33 @@ test('table manager handles tables with self-referencing foreign keys correctly'
]);
});
function createPostgresUser(string $username, string $password = 'password', bool $bypassRls = false): array
{
try {
DB::statement("DROP OWNED BY {$username};");
} catch (\Throwable) {}
DB::statement("DROP USER IF EXISTS {$username};");
DB::statement("CREATE USER {$username} WITH ENCRYPTED PASSWORD '{$password}'");
DB::statement("ALTER USER {$username} CREATEDB");
DB::statement("ALTER USER {$username} CREATEROLE");
// Grant BYPASSRLS privilege if requested
if ($bypassRls) {
DB::statement("ALTER USER {$username} BYPASSRLS");
}
// Grant privileges to the new central user
DB::statement("GRANT ALL PRIVILEGES ON DATABASE main to {$username}");
DB::statement("GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO {$username}");
DB::statement("GRANT ALL ON SCHEMA public TO {$username}");
DB::statement("ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON TABLES TO {$username}");
DB::statement("GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO {$username}");
return [$username, $password];
}
class Post extends Model
{
protected $guarded = [];
@ -752,3 +889,8 @@ class Author extends Model
{
protected $guarded = [];
}
class Order extends Model
{
protected $guarded = [];
}

13
tests/RLS/TraitManagerTest.php
View file

@ -28,6 +28,7 @@ use Stancl\Tenancy\Database\Concerns\BelongsToPrimaryModel;
use function Stancl\Tenancy\Tests\pest;
beforeEach(function () {
CreateUserWithRLSPolicies::$forceRls = true;
TraitRLSManager::$implicitRLS = true;
TraitRLSManager::$modelDirectories = [__DIR__ . '/Etc'];
TraitRLSManager::$excludedModels = [Article::class];
@ -78,6 +79,10 @@ beforeEach(function () {
});
});
afterEach(function () {
CreateUserWithRLSPolicies::$forceRls = true;
});
test('correct rls policies get created with the correct hash using trait manager', function () {
$manager = app(TraitRLSManager::class);
@ -149,7 +154,8 @@ test('global scope is not applied when using rls with single db traits', functio
expect(NonRLSComment::make()->hasGlobalScope(ParentModelScope::class))->toBeFalse();
});
test('queries are correctly scoped using RLS with trait rls manager', function (bool $implicitRLS) {
test('queries are correctly scoped using RLS with trait rls manager', function (bool $implicitRLS, bool $forceRls) {
CreateUserWithRLSPolicies::$forceRls = $forceRls;
TraitRLSManager::$implicitRLS = $implicitRLS;
$postModel = $implicitRLS ? NonRLSPost::class : Post::class;
@ -263,10 +269,7 @@ test('queries are correctly scoped using RLS with trait rls manager', function (
expect(fn () => DB::statement("INSERT INTO comments (text, post_id) VALUES ('third comment', {$post1->id})"))
->toThrow(QueryException::class);
})->with([
true,
false
]);
})->with([true, false])->with([true, false]);
test('trait rls manager generates queries correctly', function() {
/** @var TraitRLSManager $manager */

105
tests/RequestDataIdentificationTest.php
View file

@ -2,9 +2,11 @@
declare(strict_types=1);
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Route;
use Stancl\Tenancy\Exceptions\TenantCouldNotBeIdentifiedByRequestDataException;
use Stancl\Tenancy\Middleware\InitializeTenancyByRequestData;
use Stancl\Tenancy\Resolvers\RequestDataTenantResolver;
use Stancl\Tenancy\Tests\Etc\Tenant;
use function Stancl\Tenancy\Tests\pest;
@ -15,45 +17,90 @@ beforeEach(function () {
],
]);
InitializeTenancyByRequestData::$header = 'X-Tenant';
InitializeTenancyByRequestData::$cookie = 'X-Tenant';
InitializeTenancyByRequestData::$queryParameter = 'tenant';
Route::middleware(['tenant', InitializeTenancyByRequestData::class])->get('/test', function () {
Route::middleware([InitializeTenancyByRequestData::class])->get('/test', function () {
return 'Tenant id: ' . tenant('id');
});
});
test('header identification works', function () {
$tenant = Tenant::create();
test('header identification works', function (string|null $tenantModelColumn) {
if ($tenantModelColumn) {
Schema::table('tenants', function (Blueprint $table) use ($tenantModelColumn) {
$table->string($tenantModelColumn)->unique();
});
Tenant::$extraCustomColumns = [$tenantModelColumn];
}
$this
->withoutExceptionHandling()
->withHeader('X-Tenant', $tenant->id)
->get('test')
->assertSee($tenant->id);
});
config(['tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.tenant_model_column' => $tenantModelColumn]);
test('query parameter identification works', function () {
$tenant = Tenant::create();
$tenant = Tenant::create($tenantModelColumn ? [$tenantModelColumn => 'acme'] : []);
$payload = $tenantModelColumn ? 'acme' : $tenant->id;
$this
->withoutExceptionHandling()
->get('test?tenant=' . $tenant->id)
->assertSee($tenant->id);
});
// Default header name
$this->withoutExceptionHandling()->withHeader('X-Tenant', $payload)->get('test')->assertSee($tenant->id);
test('cookie identification works', function () {
$tenant = Tenant::create();
// Custom header name
config(['tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.header' => 'X-Custom-Tenant']);
$this->withoutExceptionHandling()->withHeader('X-Custom-Tenant', $payload)->get('test')->assertSee($tenant->id);
$this
->withoutExceptionHandling()
->withUnencryptedCookie('X-Tenant', $tenant->id)
->get('test')
->assertSee($tenant->id);
});
// Setting the header to null disables header identification
config(['tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.header' => null]);
expect(fn () => $this->withoutExceptionHandling()->withHeader('X-Tenant', $payload)->get('test'))->toThrow(TenantCouldNotBeIdentifiedByRequestDataException::class);
})->with([null, 'slug']);
test('middleware throws exception when tenant data is not provided in the request', function () {
test('query parameter identification works', function (string|null $tenantModelColumn) {
if ($tenantModelColumn) {
Schema::table('tenants', function (Blueprint $table) use ($tenantModelColumn) {
$table->string($tenantModelColumn)->unique();
});
Tenant::$extraCustomColumns = [$tenantModelColumn];
}
config(['tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.tenant_model_column' => $tenantModelColumn]);
$tenant = Tenant::create($tenantModelColumn ? [$tenantModelColumn => 'acme'] : []);
$payload = $tenantModelColumn ? 'acme' : $tenant->id;
// Default query parameter name
$this->withoutExceptionHandling()->get('test?tenant=' . $payload)->assertSee($tenant->id);
// Custom query parameter name
config(['tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.query_parameter' => 'custom_tenant']);
$this->withoutExceptionHandling()->get('test?custom_tenant=' . $payload)->assertSee($tenant->id);
// Setting the query parameter to null disables query parameter identification
config(['tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.query_parameter' => null]);
expect(fn () => $this->withoutExceptionHandling()->get('test?tenant=' . $payload))->toThrow(TenantCouldNotBeIdentifiedByRequestDataException::class);
})->with([null, 'slug']);
test('cookie identification works', function (string|null $tenantModelColumn) {
if ($tenantModelColumn) {
Schema::table('tenants', function (Blueprint $table) use ($tenantModelColumn) {
$table->string($tenantModelColumn)->unique();
});
Tenant::$extraCustomColumns = [$tenantModelColumn];
}
config(['tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.tenant_model_column' => $tenantModelColumn]);
$tenant = Tenant::create($tenantModelColumn ? [$tenantModelColumn => 'acme'] : []);
$payload = $tenantModelColumn ? 'acme' : $tenant->id;
// Default cookie name
$this->withoutExceptionHandling()->withUnencryptedCookie('tenant', $payload)->get('test')->assertSee($tenant->id);
// Custom cookie name
config(['tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.cookie' => 'custom_tenant_id']);
$this->withoutExceptionHandling()->withUnencryptedCookie('custom_tenant_id', $payload)->get('test')->assertSee($tenant->id);
// Setting the cookie to null disables cookie identification
config(['tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.cookie' => null]);
expect(fn () => $this->withoutExceptionHandling()->withUnencryptedCookie('tenant', $payload)->get('test'))->toThrow(TenantCouldNotBeIdentifiedByRequestDataException::class);
})->with([null, 'slug']);
// todo@tests encrypted cookie
test('an exception is thrown when no tenant data is provided in the request', function () {
pest()->expectException(TenantCouldNotBeIdentifiedByRequestDataException::class);
$this->withoutExceptionHandling()->get('test');
});