archtechx/tenancy
1
0
Fork 0
mirror of https://github.com/archtechx/tenancy.git synced 2026-02-05 12:24:04 +00:00
Code Activity

Merge branch 'may25' into rls-fake-constrained-foreign-keys

Browse source
This commit is contained in:
Samuel Štancl 2025-06-05 05:08:14 +02:00
commit 8c773245f7
20 changed files with 776 additions and 151 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.php-cs-fixer.php
View file

@ -132,6 +132,7 @@ $finder = Finder::create()
->in([
$project_path . '/src',
])
->exclude('Enums')
->name('*.php')
->notName('*.blade.php')
->ignoreDotFiles(true)

129
CLAUDE.md Normal file
View file

@ -0,0 +1,129 @@
# CLAUDE.md
This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
## Development Commands
### Testing
- `composer test` - Run tests without coverage using Docker
- `./test tests/TestFile.php` - Run an entire test file
- `./t 'test name'` - Run a specific test
- You can append `-v` to get a full stack trace if a test fails due to an exception
### Code Quality
- `composer phpstan` - Run PHPStan static analysis (level 8)
- `composer cs` - Fix code style using PHP CS Fixer
### Docker Development
- `composer docker-up` - Start Docker environment
- `composer docker-down` - Stop Docker environment
- `composer docker-restart` - Restart Docker environment
## Architecture Overview
**Tenancy for Laravel** is a multi-tenancy package that automatically handles tenant isolation without requiring changes to application code.
### Core Components
**Central Classes:**
- `Tenancy` - Main orchestrator class managing tenant context and lifecycle
- `TenancyServiceProvider` (NOT the stub) - Registers services, commands, and bootstrappers
- `Tenant` (model) - Represents individual tenants with domains and databases
- `Domain` (model) - Maps domains/subdomains to tenants
**Tenant Identification:**
- **Resolvers** (`src/Resolvers/`) - Identify tenants by domain, path, or request data - this data comes from middleware
- **Middleware** (`src/Middleware/`) - Middleware that calls resolvers and tries to initialize tenancy based on information from a request
- **Cached resolvers** - Cached wrapper around resolvers to avoid querying the central database
**Tenancy Bootstrappers (`src/Bootstrappers/`):**
- `DatabaseTenancyBootstrapper` - Switches database connections
- `CacheTenancyBootstrapper` - Isolates cache by tenant
- `FilesystemTenancyBootstrapper` - Manages tenant-specific storage
- `QueueTenancyBootstrapper` - Ensures queued jobs run in correct tenant context
- `RedisTenancyBootstrapper` - Prefixes Redis keys by tenant
**Database Management:**
- **DatabaseManager** - Creates/deletes tenant databases and users
- **TenantDatabaseManagers** - Database-specific implementations (MySQL, PostgreSQL, SQLite, SQL Server)
- **Row Level Security (RLS)** - PostgreSQL-based tenant isolation using policies
**Advanced Features:**
- **Resource Syncing** - Sync central models to tenant databases
- **User Impersonation** - Admin access to tenant contexts
- **Cross-domain redirects** - Handle multi-domain tenant setups
- **Telescope integration** - Tag entries by tenant
### Key Patterns
**Tenant Context Management:**
```php
tenancy()->initialize($tenant); // Switch to tenant
tenancy()->run($tenant, $callback); // Atomic tenant execution
tenancy()->runForMultiple($tenants, $callback); // Batch operations
tenancy()->central($callback); // Run in central context
```
**Tenant Identification Flow:**
1. Middleware identifies tenant from request (domain/subdomain/path)
2. Resolver fetches tenant model from identification data
3. Tenancy initializes and bootstrappers configure tenant context
4. Application runs with tenant-specific database/cache/storage
**Route Middleware Groups:**
All of these work as flags, i.e. middleware groups that are empty arrays with a purely semantic use.
- `tenant` - Routes requiring tenant context
- `central` - Routes for central/admin functionality
- `universal` - Routes working in both contexts
- `clone` - Tells route cloning logic to clone the route
### Early Identification
**Early identification** ensures tenancy is initialized before controller instantiation, which is critical for certain scenarios.
**When needed:**
- Controllers using constructor dependency injection
- Integration with packages that inject dependencies in constructors
**The Problem:**
Laravel executes controller constructors and route model binding before route-level middleware runs, causing services to use central context instead of tenant context.
**Solutions:**
1. **Avoid Constructor Injection** - Use method injection instead
2. **Laravel's Native Solution** - Use controllers that implement `HasMiddleware` interface
3. **Kernel Identification** - Add middleware to HTTP Kernel's global stack:
```php
// In HttpKernel.php
protected $middleware = [
\Stancl\Tenancy\Middleware\InitializeTenancyByDomain::class,
// other middleware...
];
```
Note you also need to flag the route with the `'tenant'` middleware if default route mode (set in config) isn't set to TENANT.
**Benefits:**
- Constructor dependency injection receives tenant-aware services
- Seamless integration with existing Laravel applications
### Testing Environment
Tests use Docker with MySQL/PostgreSQL/Redis. The `./test` script runs Pest tests inside containers with proper database isolation.
`./t 'test name'` is equivalent to `./test --filter 'test name'`
**Key test patterns:**
- Database preparation and cleanup between tests
- Multi-database scenarios (central + tenant databases)
- Middleware and identification testing
- Resource syncing validation
### Configuration
Central config in `config/tenancy.php` controls:
- Tenant/domain model classes
- Database connection settings
- Enabled bootstrappers and features
- Identification middleware and resolvers
- Cache and storage prefixes

9
assets/config.php
View file

@ -119,7 +119,7 @@ return [
Resolvers\PathTenantResolver::class => [
'tenant_parameter_name' => 'tenant',
'tenant_model_column' => null, // null = tenant key
'tenant_route_name_prefix' => null, // null = 'tenant.'
'tenant_route_name_prefix' => 'tenant.',
'allowed_extra_model_columns' => [], // used with binding route fields
'cache' => false,
@ -127,6 +127,13 @@ return [
'cache_store' => null, // null = default
],
Resolvers\RequestDataTenantResolver::class => [
// Set any of these to null to disable that method of identification
'header' => 'X-Tenant',
'cookie' => 'tenant',
'query_parameter' => 'tenant',
'tenant_model_column' => null, // null = tenant key
'cache' => false,
'cache_ttl' => 3600, // seconds
'cache_store' => null, // null = default

33
src/Bootstrappers/Integrations/FortifyRouteBootstrapper.php
View file

@ -8,6 +8,7 @@ use Illuminate\Config\Repository;
use Stancl\Tenancy\Contracts\TenancyBootstrapper;
use Stancl\Tenancy\Contracts\Tenant;
use Stancl\Tenancy\Resolvers\PathTenantResolver;
use Stancl\Tenancy\Resolvers\RequestDataTenantResolver;
/**
* Allows customizing Fortify action redirects so that they can also redirect
@ -38,7 +39,7 @@ class FortifyRouteBootstrapper implements TenancyBootstrapper
* is handled in another way (TenancyUrlGenerator::$passTenantParameter for both,
* UrlGeneratorBootstrapper:$addTenantParameterToDefaults for path identification).
*/
public static bool $passTenantParameter = true;
public static bool $passTenantParameter = false;
/**
* Tenant route that serves as Fortify's home (e.g. a tenant dashboard route).
@ -47,12 +48,22 @@ class FortifyRouteBootstrapper implements TenancyBootstrapper
public static string|null $fortifyHome = 'tenant.dashboard';
/**
* Use default parameter names ('tenant' name and tenant key value) instead of the parameter name
* and column name configured in the path resolver config.
* Follow the query_parameter config instead of the tenant_parameter_name (path identification) config.
*
* You want to enable this when using query string identification while having customized that config.
* This only has an effect when:
* - $passTenantParameter is enabled, and
* - the tenant_parameter_name config for the path resolver differs from the query_parameter config for the request data resolver.
*
* In such a case, instead of adding ['tenant' => '...'] to the route parameters (or whatever your tenant_parameter_name is if not 'tenant'),
* the query_parameter will be passed instead, e.g. ['team' => '...'] if your query_parameter config is 'team'.
*
* This is enabled by default because typically you will not need $passTenantParameter with path identification.
* UrlGeneratorBootstrapper::$addTenantParameterToDefaults is recommended instead when using path identification.
*
* On the other hand, when using request data identification (specifically query string) you WILL need to
* pass the parameter therefore you would use $passTenantParameter.
*/
public static bool $defaultParameterNames = false;
public static bool $passQueryParameter = true;
protected array $originalFortifyConfig = [];
@ -74,8 +85,14 @@ class FortifyRouteBootstrapper implements TenancyBootstrapper
protected function useTenantRoutesInFortify(Tenant $tenant): void
{
$tenantParameterName = static::$defaultParameterNames ? 'tenant' : PathTenantResolver::tenantParameterName();
$tenantParameterValue = static::$defaultParameterNames ? $tenant->getTenantKey() : PathTenantResolver::tenantParameterValue($tenant);
if (static::$passQueryParameter) {
// todo@tests
$tenantParameterName = RequestDataTenantResolver::queryParameterName();
$tenantParameterValue = RequestDataTenantResolver::payloadValue($tenant);
} else {
$tenantParameterName = PathTenantResolver::tenantParameterName();
$tenantParameterValue = PathTenantResolver::tenantParameterValue($tenant);
}
$generateLink = function (string $redirect) use ($tenantParameterValue, $tenantParameterName) {
return route($redirect, static::$passTenantParameter ? [$tenantParameterName => $tenantParameterValue] : []);
@ -89,7 +106,7 @@ class FortifyRouteBootstrapper implements TenancyBootstrapper
if (static::$fortifyHome) {
// Generate the home route URL with the tenant parameter and make it the Fortify home route
$this->config->set('fortify.home', route(static::$fortifyHome, static::$passTenantParameter ? [$tenantParameterName => $tenantParameterValue] : []));
$this->config->set('fortify.home', $generateLink(static::$fortifyHome));
}
$this->config->set('fortify.redirects', $redirects);

16
src/Bootstrappers/UrlGeneratorBootstrapper.php
View file

@ -67,13 +67,15 @@ class UrlGeneratorBootstrapper implements TenancyBootstrapper
$defaultParameters = $this->originalUrlGenerator->getDefaultParameters();
if (static::$addTenantParameterToDefaults) {
$defaultParameters = array_merge(
$defaultParameters,
[
PathTenantResolver::tenantParameterName() => PathTenantResolver::tenantParameterValue($tenant), // path identification
'tenant' => $tenant->getTenantKey(), // query string identification
],
);
$tenantParameterName = PathTenantResolver::tenantParameterName();
$defaultParameters = array_merge($defaultParameters, [
$tenantParameterName => PathTenantResolver::tenantParameterValue($tenant),
]);
foreach (PathTenantResolver::allowedExtraModelColumns() as $column) {
$defaultParameters["$tenantParameterName:$column"] = $tenant->getAttribute($column);
}
}
$newGenerator->defaults($defaultParameters);

26
src/Commands/CreateUserWithRLSPolicies.php
View file

@ -22,6 +22,23 @@ class CreateUserWithRLSPolicies extends Command
protected $description = "Creates RLS policies for all tables related to the tenant table. Also creates the RLS user if it doesn't exist yet";
/**
* Force, rather than just enable, the created RLS policies.
*
* By default, table owners bypass RLS policies. When this is enabled,
* they also need the BYPASSRLS permission. If your setup lets you create
* a user with BYPASSRLS, you may prefer leaving this on for additional
* safety. Otherwise, if you can't use BYPASSRLS, you can set this to false
* and depend on the behavior of table owners bypassing RLS automatically.
*
* This setting generally doesn't affect behavior at all with "default"
* setups, however if you have a more custom setup, with additional users
* involved (e.g. central connection user not being the same user that
* creates tables, or the created "RLS user" creating some tables) you
* should take care with how you configure this.
*/
public static bool $forceRls = true;
public function handle(PermissionControlledPostgreSQLSchemaManager $manager): int
{
$username = config('tenancy.rls.user.username');
@ -49,15 +66,10 @@ class CreateUserWithRLSPolicies extends Command
// Enable RLS scoping on the table (without this, queries won't be scoped using RLS)
DB::statement("ALTER TABLE {$table} ENABLE ROW LEVEL SECURITY");
/**
* Force RLS scoping on the table, so that the table owner users
* don't bypass the scoping table owners bypass RLS by default.
*
* E.g. when using a custom implementation where you create tables as the RLS user,
* the queries won't be scoped for the RLS user unless we force the RLS scoping using this query.
*/
if (static::$forceRls) {
DB::statement("ALTER TABLE {$table} FORCE ROW LEVEL SECURITY");
}
}
/**
* Create a DatabaseConfig instance for the RLS user,

2
src/Database/Concerns/PendingScope.php
View file

@ -20,7 +20,7 @@ class PendingScope implements Scope
/**
* Apply the scope to a given Eloquent query builder.
*
* @param Builder<\Stancl\Tenancy\Contracts\Tenant&Model> $builder
* @param Builder<Model> $builder
*
* @return void
*/

11
src/Enums/RouteMode.php
View file

@ -4,9 +4,12 @@ declare(strict_types=1);
namespace Stancl\Tenancy\Enums;
enum RouteMode
/**
* Note: The backing values are not part of the public API and are subject to change.
*/
enum RouteMode: int
{
case TENANT;
case CENTRAL;
case UNIVERSAL;
case CENTRAL = 0b01;
case TENANT = 0b10;
case UNIVERSAL = 0b11;
}

38
src/Middleware/InitializeTenancyByRequestData.php
View file

@ -18,9 +18,6 @@ class InitializeTenancyByRequestData extends IdentificationMiddleware
{
use UsableWithEarlyIdentification;
public static string $header = 'X-Tenant';
public static string $cookie = 'tenant';
public static string $queryParameter = 'tenant';
public static ?Closure $onFail = null;
public static bool $requireCookieEncryption = false;
@ -54,18 +51,19 @@ class InitializeTenancyByRequestData extends IdentificationMiddleware
protected function getPayload(Request $request): string|null
{
if (static::$header && $request->hasHeader(static::$header)) {
$payload = $request->header(static::$header);
} elseif (
static::$queryParameter &&
$request->has(static::$queryParameter)
) {
$payload = $request->get(static::$queryParameter);
} elseif (static::$cookie && $request->hasCookie(static::$cookie)) {
$payload = $request->cookie(static::$cookie);
$headerName = RequestDataTenantResolver::headerName();
$queryParameterName = RequestDataTenantResolver::queryParameterName();
$cookieName = RequestDataTenantResolver::cookieName();
if ($headerName && $request->hasHeader($headerName)) {
$payload = $request->header($headerName);
} elseif ($queryParameterName && $request->has($queryParameterName)) {
$payload = $request->get($queryParameterName);
} elseif ($cookieName && $request->hasCookie($cookieName)) {
$payload = $request->cookie($cookieName);
if ($payload && is_string($payload)) {
$payload = $this->getTenantFromCookie($payload);
$payload = $this->getTenantFromCookie($cookieName, $payload);
}
} else {
$payload = null;
@ -86,12 +84,12 @@ class InitializeTenancyByRequestData extends IdentificationMiddleware
return (bool) $this->getPayload($request);
}
protected function getTenantFromCookie(string $cookie): string|null
protected function getTenantFromCookie(string $cookieName, string $cookieValue): string|null
{
// If the cookie looks like it's encrypted, we try decrypting it
if (str_starts_with($cookie, 'eyJpdiI')) {
if (str_starts_with($cookieValue, 'eyJpdiI')) {
try {
$json = base64_decode($cookie);
$json = base64_decode($cookieValue);
$data = json_decode($json, true);
if (
@ -100,9 +98,9 @@ class InitializeTenancyByRequestData extends IdentificationMiddleware
) {
// We can confidently assert that the cookie is encrypted. If this call were to fail, this method would just
// return null and the cookie payload would get skipped.
$cookie = CookieValuePrefix::validate(
static::$cookie,
Crypt::decryptString($cookie),
$cookieValue = CookieValuePrefix::validate(
$cookieName,
Crypt::decryptString($cookieValue),
Crypt::getAllKeys()
);
}
@ -113,6 +111,6 @@ class InitializeTenancyByRequestData extends IdentificationMiddleware
return null;
}
return $cookie;
return $cookieValue;
}
}

30
src/Overrides/TenancyUrlGenerator.php
View file

@ -9,6 +9,7 @@ use Illuminate\Routing\UrlGenerator;
use Illuminate\Support\Arr;
use InvalidArgumentException;
use Stancl\Tenancy\Resolvers\PathTenantResolver;
use Stancl\Tenancy\Resolvers\RequestDataTenantResolver;
/**
* This class is used in place of the default UrlGenerator when UrlGeneratorBootstrapper is enabled.
@ -86,12 +87,22 @@ class TenancyUrlGenerator extends UrlGenerator
public static array $overrides = [];
/**
* Use default parameter names ('tenant' name and tenant key value) instead of the parameter name
* and column name configured in the path resolver config.
* Follow the query_parameter config instead of the tenant_parameter_name (path identification) config.
*
* You want to enable this when using query string identification while having customized that config.
* This only has an effect when:
* - $passTenantParameterToRoutes is enabled, and
* - the tenant_parameter_name config for the path resolver differs from the query_parameter config for the request data resolver.
*
* In such a case, instead of adding ['tenant' => '...'] to the route parameters (or whatever your tenant_parameter_name is if not 'tenant'),
* the query_parameter will be passed instead, e.g. ['team' => '...'] if your query_parameter config is 'team'.
*
* This is enabled by default because typically you will not need $passTenantParameterToRoutes with path identification.
* UrlGeneratorBootstrapper::$addTenantParameterToDefaults is recommended instead when using path identification.
*
* On the other hand, when using request data identification (specifically query string) you WILL need to pass the parameter
* directly to route() calls, therefore you would use $passTenantParameterToRoutes to avoid having to do that manually.
*/
public static bool $defaultParameterNames = false;
public static bool $passQueryParameter = true;
/**
* Override the route() method so that the route name gets prefixed
@ -175,11 +186,14 @@ class TenancyUrlGenerator extends UrlGenerator
protected function addTenantParameter(array $parameters): array
{
if (tenant() && static::$passTenantParameterToRoutes) {
if (static::$defaultParameterNames) {
return array_merge($parameters, ['tenant' => tenant()->getTenantKey()]);
} else {
return array_merge($parameters, [PathTenantResolver::tenantParameterName() => PathTenantResolver::tenantParameterValue(tenant())]);
if (static::$passQueryParameter) {
$queryParameterName = RequestDataTenantResolver::queryParameterName();
if ($queryParameterName !== null) {
return array_merge($parameters, [$queryParameterName => RequestDataTenantResolver::payloadValue(tenant())]);
}
}
return array_merge($parameters, [PathTenantResolver::tenantParameterName() => PathTenantResolver::tenantParameterValue(tenant())]);
} else {
return $parameters;
}

41
src/Resolvers/RequestDataTenantResolver.php
View file

@ -20,7 +20,9 @@ class RequestDataTenantResolver extends Contracts\CachedTenantResolver
{
$payload = (string) $args[0];
if ($payload && $tenant = tenancy()->find($payload, withRelations: true)) {
$column = static::tenantModelColumn();
if ($payload && $tenant = tenancy()->find($payload, $column, withRelations: true)) {
return $tenant;
}
@ -29,8 +31,43 @@ class RequestDataTenantResolver extends Contracts\CachedTenantResolver
public function getPossibleCacheKeys(Tenant&Model $tenant): array
{
// todo@tests
return [
$this->formatCacheKey($tenant->getTenantKey()),
$this->formatCacheKey(static::payloadValue($tenant)),
];
}
public static function payloadValue(Tenant $tenant): string
{
return $tenant->getAttribute(static::tenantModelColumn());
}
public static function tenantModelColumn(): string
{
return config('tenancy.identification.resolvers.' . static::class . '.tenant_model_column') ?? tenancy()->model()->getTenantKeyName();
}
/**
* Returns the name of the header used for identification, or null if header identification is disabled.
*/
public static function headerName(): string|null
{
return config('tenancy.identification.resolvers.' . static::class . '.header');
}
/**
* Returns the name of the query parameter used for identification, or null if query parameter identification is disabled.
*/
public static function queryParameterName(): string|null
{
return config('tenancy.identification.resolvers.' . static::class . '.query_parameter');
}
/**
* Returns the name of the cookie used for identification, or null if cookie identification is disabled.
*/
public static function cookieName(): string|null
{
return config('tenancy.identification.resolvers.' . static::class . '.cookie');
}
}

8
t
View file

@ -1,3 +1,9 @@
#!/bin/bash
docker compose exec -e COLUMNS=$(tput cols) -T test vendor/bin/pest --color=always --no-coverage --filter "$@"
if [[ "${CLAUDECODE}" != "1" ]]; then
COLOR_FLAG="--colors=always"
else
COLOR_FLAG="--colors=never"
fi
docker compose exec -e COLUMNS=$(tput cols) -T test vendor/bin/pest ${COLOR_FLAG} --no-coverage --filter "$@"

8
test
View file

@ -1,4 +1,10 @@
#!/bin/bash
if [[ "${CLAUDECODE}" != "1" ]]; then
COLOR_FLAG="--colors=always"
else
COLOR_FLAG="--colors=never"
fi
# --columns doesn't seem to work at the moment, so we're setting it using an environment variable
docker compose exec -e COLUMNS=$(tput cols) -T test vendor/bin/pest --colors=always "$@"
docker compose exec -e COLUMNS=$(tput cols) -T test vendor/bin/pest ${COLOR_FLAG} "$@"

2
tests/Bootstrappers/FortifyRouteBootstrapperTest.php
View file

@ -20,7 +20,7 @@ afterEach(function () {
FortifyRouteBootstrapper::$passTenantParameter = true;
FortifyRouteBootstrapper::$fortifyRedirectMap = [];
FortifyRouteBootstrapper::$fortifyHome = 'tenant.dashboard';
FortifyRouteBootstrapper::$defaultParameterNames = false;
FortifyRouteBootstrapper::$passQueryParameter = false;
});
test('fortify route tenancy bootstrapper updates fortify config correctly', function() {

232
tests/Bootstrappers/UrlGeneratorBootstrapperTest.php
View file

@ -1,5 +1,6 @@
<?php
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Routing\UrlGenerator;
use Stancl\Tenancy\Tests\Etc\Tenant;
use Illuminate\Support\Facades\Event;
@ -12,8 +13,13 @@ use Stancl\Tenancy\Overrides\TenancyUrlGenerator;
use Stancl\Tenancy\Listeners\RevertToCentralContext;
use Stancl\Tenancy\Middleware\InitializeTenancyByPath;
use Illuminate\Routing\Exceptions\UrlGenerationException;
use Illuminate\Support\Facades\Schema;
use Stancl\Tenancy\Bootstrappers\UrlGeneratorBootstrapper;
use Stancl\Tenancy\Exceptions\TenantCouldNotBeIdentifiedByRequestDataException;
use Stancl\Tenancy\Middleware\InitializeTenancyByRequestData;
use Stancl\Tenancy\Resolvers\RequestDataTenantResolver;
use function Stancl\Tenancy\Tests\pest;
beforeEach(function () {
Event::listen(TenancyInitialized::class, BootstrapTenancy::class);
@ -44,82 +50,224 @@ test('url generator bootstrapper swaps the url generator instance correctly', fu
});
test('tenancy url generator can prefix route names passed to the route helper', function() {
Route::get('/central/home', fn () => route('home'))->name('home');
// Tenant route name prefix is 'tenant.' by default
Route::get('/tenant/home', fn () => route('tenant.home'))->name('tenant.home');
config([
'tenancy.identification.resolvers.' . PathTenantResolver::class . '.tenant_route_name_prefix' => 'custom_prefix.',
]);
Route::get('/central/home', fn () => '')->name('home');
Route::get('/tenant/home', fn () => '')->name('custom_prefix.home');
$tenant = Tenant::create();
$centralRouteUrl = route('home');
$tenantRouteUrl = route('tenant.home');
config(['tenancy.bootstrappers' => [UrlGeneratorBootstrapper::class]]);
tenancy()->initialize($tenant);
// Route names don't get prefixed when TenancyUrlGenerator::$prefixRouteNames is false (default)
expect(route('home'))->toBe($centralRouteUrl);
expect(route('home'))->toBe('http://localhost/central/home');
// When $prefixRouteNames is true, the route name passed to the route() helper ('home') gets prefixed with 'tenant.' automatically.
// When $prefixRouteNames is true, the route name passed to the route() helper ('home') gets prefixed automatically.
TenancyUrlGenerator::$prefixRouteNames = true;
expect(route('home'))->toBe($tenantRouteUrl);
expect(route('home'))->toBe('http://localhost/tenant/home');
// The 'tenant.home' route name doesn't get prefixed -- it is already prefixed with 'tenant.'
expect(route('tenant.home'))->toBe($tenantRouteUrl);
// The 'custom_prefix.home' route name doesn't get prefixed -- it is already prefixed with 'custom_prefix.'
expect(route('custom_prefix.home'))->toBe('http://localhost/tenant/home');
// Ending tenancy reverts route() behavior changes
tenancy()->end();
expect(route('home'))->toBe($centralRouteUrl);
expect(route('home'))->toBe('http://localhost/central/home');
});
test('the route helper can receive the tenant parameter automatically', function (
string $identification,
bool $addTenantParameterToDefaults,
bool $passTenantParameterToRoutes,
) {
test('path identification route helper behavior', function (bool $addTenantParameterToDefaults, bool $passTenantParameterToRoutes) {
config(['tenancy.bootstrappers' => [UrlGeneratorBootstrapper::class]]);
$appUrl = config('app.url');
UrlGeneratorBootstrapper::$addTenantParameterToDefaults = $addTenantParameterToDefaults;
// When the tenant parameter isn't added to defaults, the tenant parameter has to be passed "manually"
// by setting $passTenantParameterToRoutes to true. This is only preferable with query string identification.
// With path identification, this ultimately doesn't have any effect
// if UrlGeneratorBootstrapper::$addTenantParameterToDefaults is true,
// but TenancyUrlGenerator::$passTenantParameterToRoutes can still be used instead.
TenancyUrlGenerator::$passTenantParameterToRoutes = $passTenantParameterToRoutes;
$tenant = Tenant::create();
$tenantKey = $tenant->getTenantKey();
Route::get('/central/home', fn () => route('home'))->name('home');
$tenantRoute = $identification === InitializeTenancyByPath::class ? "/{tenant}/home" : "/tenant/home";
Route::get($tenantRoute, fn () => route('tenant.home'))
Route::get('/{tenant}/home', fn () => tenant('id'))
->name('tenant.home')
->middleware(['tenant', $identification]);
->middleware([InitializeTenancyByPath::class]);
tenancy()->initialize($tenant);
$expectedUrl = match (true) {
$identification === InitializeTenancyByRequestData::class && $passTenantParameterToRoutes => "{$appUrl}/tenant/home?tenant={$tenantKey}",
$identification === InitializeTenancyByRequestData::class => "{$appUrl}/tenant/home", // $passTenantParameterToRoutes is false
$identification === InitializeTenancyByPath::class && ($addTenantParameterToDefaults || $passTenantParameterToRoutes) => "{$appUrl}/{$tenantKey}/home",
$identification === InitializeTenancyByPath::class => null, // Should throw an exception -- route() doesn't receive the tenant parameter in this case
};
if ($expectedUrl === null) {
if (! $addTenantParameterToDefaults && ! $passTenantParameterToRoutes) {
expect(fn () => route('tenant.home'))->toThrow(UrlGenerationException::class, 'Missing parameter: tenant');
} else {
expect(route('tenant.home'))->toBe($expectedUrl);
// If at least *one* of the approaches was used, the parameter will make its way to the route
expect(route('tenant.home'))->toBe("http://localhost/{$tenant->id}/home");
pest()->get(route('tenant.home'))->assertSee($tenant->id);
}
})->with([InitializeTenancyByPath::class, InitializeTenancyByRequestData::class])
->with([true, false]) // UrlGeneratorBootstrapper::$addTenantParameterToDefaults
})->with([true, false]) // UrlGeneratorBootstrapper::$addTenantParameterToDefaults
->with([true, false]); // TenancyUrlGenerator::$passTenantParameterToRoutes
test('request data identification route helper behavior', function (bool $addTenantParameterToDefaults, bool $passTenantParameterToRoutes) {
config(['tenancy.bootstrappers' => [UrlGeneratorBootstrapper::class]]);
UrlGeneratorBootstrapper::$addTenantParameterToDefaults = $addTenantParameterToDefaults;
TenancyUrlGenerator::$passTenantParameterToRoutes = $passTenantParameterToRoutes;
$tenant = Tenant::create();
Route::get('/tenant/home', fn () => tenant('id'))
->name('tenant.home')
->middleware([InitializeTenancyByRequestData::class]);
tenancy()->initialize($tenant);
if ($passTenantParameterToRoutes) {
// Only $passTenantParameterToRoutes has an effect, defaults do not affect request data URL generation
expect(route('tenant.home'))->toBe("http://localhost/tenant/home?tenant={$tenant->id}");
pest()->get(route('tenant.home'))->assertSee($tenant->id);
} else {
expect(route('tenant.home'))->toBe("http://localhost/tenant/home");
expect(fn () => $this->withoutExceptionHandling()->get(route('tenant.home')))->toThrow(TenantCouldNotBeIdentifiedByRequestDataException::class);
}
})->with([true, false]) // UrlGeneratorBootstrapper::$addTenantParameterToDefaults
->with([true, false]); // TenancyUrlGenerator::$passTenantParameterToRoutes
test('changing request data query parameter and model column is respected by the url generator', function () {
config([
'tenancy.bootstrappers' => [UrlGeneratorBootstrapper::class],
'tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.query_parameter' => 'team',
'tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.tenant_model_column' => 'slug',
]);
Tenant::$extraCustomColumns = ['slug'];
Schema::table('tenants', function (Blueprint $table) {
$table->string('slug')->unique();
});
TenancyUrlGenerator::$passTenantParameterToRoutes = true;
$tenant = Tenant::create(['slug' => 'acme']);
Route::get('/tenant/home', fn () => tenant('id'))
->name('tenant.home')
->middleware([InitializeTenancyByRequestData::class]);
tenancy()->initialize($tenant);
expect(route('tenant.home'))->toBe("http://localhost/tenant/home?team=acme");
pest()->get(route('tenant.home'))->assertSee($tenant->id);
});
test('setting extra model columns sets additional URL defaults', function () {
Tenant::$extraCustomColumns = ['slug'];
TenancyUrlGenerator::$passTenantParameterToRoutes = false;
UrlGeneratorBootstrapper::$addTenantParameterToDefaults = true;
config(['tenancy.bootstrappers' => [UrlGeneratorBootstrapper::class]]);
config(['tenancy.identification.resolvers.' . PathTenantResolver::class . '.allowed_extra_model_columns' => ['slug']]);
Schema::table('tenants', function (Blueprint $table) {
$table->string('slug')->unique();
});
Route::get('/{tenant}/foo/{user}', function (string $user) {
return tenant()->getTenantKey() . " $user";
})->middleware([InitializeTenancyByPath::class, 'web'])->name('foo');
Route::get('/{tenant:slug}/fooslug/{user}', function (string $user) {
return tenant()->getTenantKey() . " $user";
})->middleware([InitializeTenancyByPath::class, 'web'])->name('fooslug');
$tenant = Tenant::create(['slug' => 'acme']);
// In central context, no URL defaults are applied
expect(route('foo', [$tenant->getTenantKey(), 'bar']))->toBe("http://localhost/{$tenant->getTenantKey()}/foo/bar");
pest()->get(route('foo', [$tenant->getTenantKey(), 'bar']))->assertSee(tenant()->getTenantKey() . ' bar');
tenancy()->end();
expect(route('fooslug', ['acme', 'bar']))->toBe('http://localhost/acme/fooslug/bar');
pest()->get(route('fooslug', ['acme', 'bar']))->assertSee(tenant()->getTenantKey() . ' bar');
tenancy()->end();
// In tenant context, URL defaults are applied
tenancy()->initialize($tenant);
expect(route('foo', ['bar']))->toBe("http://localhost/{$tenant->getTenantKey()}/foo/bar");
pest()->get(route('foo', ['bar']))->assertSee(tenant()->getTenantKey() . ' bar');
expect(route('fooslug', ['bar']))->toBe('http://localhost/acme/fooslug/bar');
pest()->get(route('fooslug', ['bar']))->assertSee(tenant()->getTenantKey() . ' bar');
});
test('changing the tenant model column changes the default value for the tenant parameter', function () {
Tenant::$extraCustomColumns = ['slug'];
TenancyUrlGenerator::$passTenantParameterToRoutes = false;
UrlGeneratorBootstrapper::$addTenantParameterToDefaults = true;
config(['tenancy.bootstrappers' => [UrlGeneratorBootstrapper::class]]);
config(['tenancy.identification.resolvers.' . PathTenantResolver::class . '.tenant_model_column' => 'slug']);
Schema::table('tenants', function (Blueprint $table) {
$table->string('slug')->unique();
});
Route::get('/{tenant}/foo/{user}', function (string $user) {
return tenant()->getTenantKey() . " $user";
})->middleware([InitializeTenancyByPath::class, 'web'])->name('foo');
$tenant = Tenant::create(['slug' => 'acme']);
// In central context, no URL defaults are applied
expect(route('foo', ['acme', 'bar']))->toBe("http://localhost/acme/foo/bar");
pest()->get(route('foo', ['acme', 'bar']))->assertSee(tenant()->getTenantKey() . ' bar');
tenancy()->end();
// In tenant context, URL defaults are applied
tenancy()->initialize($tenant);
expect(route('foo', ['bar']))->toBe("http://localhost/acme/foo/bar");
pest()->get(route('foo', ['bar']))->assertSee(tenant()->getTenantKey() . ' bar');
});
test('changing the tenant parameter name is respected by the url generator', function () {
Tenant::$extraCustomColumns = ['slug', 'slug2'];
TenancyUrlGenerator::$passTenantParameterToRoutes = false;
UrlGeneratorBootstrapper::$addTenantParameterToDefaults = true;
config(['tenancy.bootstrappers' => [UrlGeneratorBootstrapper::class]]);
config(['tenancy.identification.resolvers.' . PathTenantResolver::class . '.tenant_parameter_name' => 'team']);
config(['tenancy.identification.resolvers.' . PathTenantResolver::class . '.tenant_model_column' => 'slug']);
config(['tenancy.identification.resolvers.' . PathTenantResolver::class . '.allowed_extra_model_columns' => ['slug2']]);
Schema::table('tenants', function (Blueprint $table) {
$table->string('slug')->unique();
$table->string('slug2')->unique();
});
Route::get('/{team}/foo/{user}', function (string $user) {
return tenant()->getTenantKey() . " $user";
})->middleware([InitializeTenancyByPath::class, 'web'])->name('foo');
Route::get('/{team:slug2}/fooslug2/{user}', function (string $user) {
return tenant()->getTenantKey() . " $user";
})->middleware([InitializeTenancyByPath::class, 'web'])->name('fooslug2');
$tenant = Tenant::create(['slug' => 'acme', 'slug2' => 'acme2']);
// In central context, no URL defaults are applied
expect(route('foo', ['acme', 'bar']))->toBe("http://localhost/acme/foo/bar");
pest()->get(route('foo', ['acme', 'bar']))->assertSee(tenant()->getTenantKey() . ' bar');
tenancy()->end();
expect(route('fooslug2', ['acme2', 'bar']))->toBe("http://localhost/acme2/fooslug2/bar");
pest()->get(route('fooslug2', ['acme2', 'bar']))->assertSee(tenant()->getTenantKey() . ' bar');
tenancy()->end();
// In tenant context, URL defaults are applied
tenancy()->initialize($tenant);
expect(route('foo', ['bar']))->toBe("http://localhost/acme/foo/bar");
pest()->get(route('foo', ['bar']))->assertSee(tenant()->getTenantKey() . ' bar');
expect(route('fooslug2', ['bar']))->toBe("http://localhost/acme2/fooslug2/bar");
pest()->get(route('fooslug2', ['bar']))->assertSee(tenant()->getTenantKey() . ' bar');
});
test('url generator can override specific route names', function() {
config(['tenancy.bootstrappers' => [UrlGeneratorBootstrapper::class]]);

61
tests/PathIdentificationTest.php
View file

@ -3,15 +3,29 @@
declare(strict_types=1);
use Illuminate\Contracts\Http\Kernel;
use Illuminate\Database\QueryException;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Routing\Middleware\SubstituteBindings;
use Illuminate\Support\Facades\Route;
use Illuminate\Support\Facades\Schema;
use Illuminate\Support\Facades\Event;
use Stancl\Tenancy\Exceptions\RouteIsMissingTenantParameterException;
use Stancl\Tenancy\Exceptions\TenantColumnNotWhitelistedException;
use Stancl\Tenancy\Exceptions\TenantCouldNotBeIdentifiedByPathException;
use Stancl\Tenancy\Middleware\InitializeTenancyByPath;
use Stancl\Tenancy\Resolvers\PathTenantResolver;
use Stancl\Tenancy\Tests\Etc\Tenant;
use Stancl\Tenancy\Events\TenantCreated;
use Stancl\Tenancy\Jobs\CreateDatabase;
use Stancl\Tenancy\Jobs\MigrateDatabase;
use Stancl\JobPipeline\JobPipeline;
use Stancl\Tenancy\Events\TenancyInitialized;
use Stancl\Tenancy\Listeners\BootstrapTenancy;
use Stancl\Tenancy\Listeners\RevertToCentralContext;
use Stancl\Tenancy\Tests\Etc\User;
use Stancl\Tenancy\Bootstrappers\DatabaseTenancyBootstrapper;
use Stancl\Tenancy\Events\TenancyEnded;
use function Stancl\Tenancy\Tests\pest;
beforeEach(function () {
@ -35,6 +49,11 @@ beforeEach(function () {
});
});
afterEach(function () {
InitializeTenancyByPath::$onFail = null;
Tenant::$extraCustomColumns = [];
});
test('tenant can be identified by path', function () {
Tenant::create([
'id' => 'acme',
@ -150,6 +169,7 @@ test('central route can have a parameter with the same name as the tenant parame
config(['tenancy.identification.resolvers.' . PathTenantResolver::class . '.tenant_parameter_name' => 'team']);
$tenantKey = Tenant::create()->getTenantKey();
// The route is flagged as central (while using kernel identification) so the {team} parameter should not be used for tenancy initialization
Route::get('/central/route/{team}/{a}/{b}', function ($team, $a, $b) {
return "$a + $b + $team";
})->middleware('central')->name('central-route');
@ -185,8 +205,6 @@ test('the tenant model column can be customized in the config', function () {
$this->withoutExceptionHandling();
pest()->get('/acme/foo')->assertSee($tenant->getTenantKey());
expect(fn () => pest()->get($tenant->id . '/foo'))->toThrow(TenantCouldNotBeIdentifiedByPathException::class);
Tenant::$extraCustomColumns = []; // static property reset
});
test('the tenant model column can be customized in the route definition', function () {
@ -218,8 +236,6 @@ test('the tenant model column can be customized in the route definition', functi
// Binding field defined
pest()->get('/acme/bar')->assertSee($tenant->getTenantKey());
expect(fn () => pest()->get($tenant->id . '/bar'))->toThrow(TenantCouldNotBeIdentifiedByPathException::class);
Tenant::$extraCustomColumns = []; // static property reset
});
test('any extra model column needs to be whitelisted', function () {
@ -243,6 +259,39 @@ test('any extra model column needs to be whitelisted', function () {
// After whitelisting the column it works
config(['tenancy.identification.resolvers.' . PathTenantResolver::class . '.allowed_extra_model_columns' => ['slug']]);
pest()->get('/acme/foo')->assertSee($tenant->getTenantKey());
Tenant::$extraCustomColumns = []; // static property reset
});
test('route model binding works with path identification', function() {
config(['tenancy.bootstrappers' => [DatabaseTenancyBootstrapper::class]]);
Event::listen(TenancyInitialized::class, BootstrapTenancy::class);
Event::listen(TenantCreated::class, JobPipeline::make([
CreateDatabase::class, MigrateDatabase::class,
])->send(fn (TenantCreated $event) => $event->tenant)->toListener());
Event::listen(TenancyEnded::class, RevertToCentralContext::class);
$tenant = Tenant::create();
$this->withoutExceptionHandling();
// Importantly, the route must have the 'web' middleware group, or SubstituteBindings directly
Route::get('/{tenant}/foo/{user}', fn (User $user) => $user->name)->middleware([InitializeTenancyByPath::class, 'web']);
Route::get('/{tenant}/bar/{user}', fn (User $user) => $user->name)->middleware([InitializeTenancyByPath::class, SubstituteBindings::class]);
$user = $tenant->run(fn () => User::create(['name' => 'John Doe', 'email' => 'john@doe.com', 'password' => 'foobar']));
pest()->get("/{$tenant->id}/foo/{$user->id}")->assertSee("John Doe");
tenancy()->end();
pest()->get("/{$tenant->id}/bar/{$user->id}")->assertSee("John Doe");
tenancy()->end();
// If SubstituteBindings comes BEFORE tenancy middleware and middleware priority is not set, route model binding is NOT expected to work correctly
// Since SubstituteBindings runs first, it tries to query the central database instead of the tenant database (which fails with a QueryException in this case)
Route::get('/{tenant}/baz/{user}', fn (User $user) => $user->name ?: 'No user')->middleware([SubstituteBindings::class, InitializeTenancyByPath::class]);
expect(fn () => pest()->get("/{$tenant->id}/baz/{$user->id}"))->toThrow(QueryException::class);
tenancy()->end();
// If SubstituteBindings is NOT USED AT ALL, we simply get an empty User instance
Route::get('/{tenant}/xyz/{user}', fn (User $user) => $user->name ?: 'No user')->middleware([InitializeTenancyByPath::class]);
pest()->get("/{$tenant->id}/xyz/{$user->id}")->assertSee('No user');
});

14
tests/RLS/PolicyTest.php
View file

@ -20,6 +20,7 @@ use Stancl\Tenancy\Bootstrappers\PostgresRLSBootstrapper;
use function Stancl\Tenancy\Tests\pest;
beforeEach(function () {
CreateUserWithRLSPolicies::$forceRls = true;
TraitRLSManager::$excludedModels = [Article::class];
TraitRLSManager::$modelDirectories = [__DIR__ . '/Etc'];
@ -79,6 +80,10 @@ beforeEach(function () {
});
});
afterEach(function () {
CreateUserWithRLSPolicies::$forceRls = true;
});
// Regression test for https://github.com/archtechx/tenancy/pull/1280
test('rls command doesnt fail when a view is in the database', function (string $manager) {
DB::statement("
@ -184,7 +189,9 @@ test('rls command recreates policies if the force option is passed', function (s
TraitRLSManager::class,
]);
test('queries will stop working when the tenant session variable is not set', function(string $manager) {
test('queries will stop working when the tenant session variable is not set', function(string $manager, bool $forceRls) {
CreateUserWithRLSPolicies::$forceRls = $forceRls;
config(['tenancy.rls.manager' => $manager]);
$sessionVariableName = config('tenancy.rls.session_variable_name');
@ -216,7 +223,4 @@ test('queries will stop working when the tenant session variable is not set', fu
INSERT INTO posts (text, tenant_id, author_id)
VALUES ('post2', ?, ?)
SQL, [$tenant->id, $authorId]))->toThrow(QueryException::class);
})->with([
TableRLSManager::class,
TraitRLSManager::class,
]);
})->with([TableRLSManager::class, TraitRLSManager::class])->with([true, false]);

146
tests/RLS/TableManagerTest.php
View file

@ -23,6 +23,7 @@ use function Stancl\Tenancy\Tests\pest;
use Stancl\Tenancy\Exceptions\RLSCommentConstraintException;
beforeEach(function () {
CreateUserWithRLSPolicies::$forceRls = true;
TableRLSManager::$scopeByDefault = true;
Event::listen(TenancyInitialized::class, BootstrapTenancy::class);
@ -108,6 +109,10 @@ beforeEach(function () {
});
});
afterEach(function () {
CreateUserWithRLSPolicies::$forceRls = true;
});
test('correct rls policies get created with the correct hash using table manager', function() {
$manager = app(config('tenancy.rls.manager'));
@ -160,7 +165,9 @@ test('correct rls policies get created with the correct hash using table manager
}
});
test('queries are correctly scoped using RLS', function() {
test('queries are correctly scoped using RLS', function (bool $forceRls) {
CreateUserWithRLSPolicies::$forceRls = $forceRls;
// 3-levels deep relationship
Schema::create('notes', function (Blueprint $table) {
$table->id();
@ -321,7 +328,7 @@ test('queries are correctly scoped using RLS', function() {
expect(fn () => DB::statement("INSERT INTO notes (text, comment_id) VALUES ('baz', {$post1Comment->id})"))
->toThrow(QueryException::class);
});
})->with([true, false]);
test('table rls manager generates shortest paths that lead to the tenants table correctly', function (bool $scopeByDefault) {
TableRLSManager::$scopeByDefault = $scopeByDefault;
@ -451,6 +458,109 @@ test('table rls manager generates shortest paths that lead to the tenants table
]);
})->with([true, false]);
// https://github.com/archtechx/tenancy/pull/1293
test('forceRls prevents even the table owner from querying his own tables if he doesnt have a BYPASSRLS permission', function (bool $forceRls) {
CreateUserWithRLSPolicies::$forceRls = $forceRls;
// Drop all tables created in beforeEach
DB::statement("DROP TABLE authors, categories, posts, comments, reactions, articles;");
// Create a new user so we have full control over the permissions.
// We explicitly set bypassRls to false.
[$username, $password] = createPostgresUser('administrator', bypassRls: false);
config(['database.connections.central' => array_merge(config('database.connections.pgsql'), [
'username' => $username,
'password' => $password,
])]);
DB::reconnect();
// This table is owned by the newly created 'administrator' user
Schema::create('orders', function (Blueprint $table) {
$table->id();
$table->string('name');
$table->string('tenant_id')->comment('rls');
$table->foreign('tenant_id')->references('id')->on('tenants')->onUpdate('cascade')->onDelete('cascade');
$table->timestamps();
});
$tenant1 = Tenant::create();
// Create RLS policy for the orders table
pest()->artisan('tenants:rls');
$tenant1->run(fn () => Order::create(['name' => 'order1', 'tenant_id' => $tenant1->getTenantKey()]));
// We are still using the 'administrator' user - owner of the orders table
if ($forceRls) {
// RLS is forced, so by default, not even the table owner should be able to query the table protected by the RLS policy.
// The RLS policy is not being bypassed, 'unrecognized configuration parameter' means
// that the my.current_tenant session variable isn't set -- the RLS policy is *still* being enforced.
expect(fn () => Order::first())->toThrow(QueryException::class, 'unrecognized configuration parameter "my.current_tenant"');
} else {
// RLS is not forced, so the table owner should be able to query the table, bypassing the RLS policy
expect(Order::first())->not()->toBeNull();
}
})->with([true, false]);
test('users with BYPASSRLS privilege can bypass RLS regardless of forceRls setting', function (bool $forceRls, bool $bypassRls) {
CreateUserWithRLSPolicies::$forceRls = $forceRls;
// Drop all tables created in beforeEach
DB::statement("DROP TABLE authors, categories, posts, comments, reactions, articles;");
// Create a new user so we have control over his BYPASSRLS permission
// and use that as the new central connection user
[$username, $password] = createPostgresUser('administrator', 'password', $bypassRls);
config(['database.connections.central' => array_merge(config('database.connections.pgsql'), [
'username' => $username,
'password' => $password,
])]);
DB::reconnect();
Schema::create('orders', function (Blueprint $table) {
$table->id();
$table->string('name');
$table->string('tenant_id')->comment('rls');
$table->foreign('tenant_id')->references('id')->on('tenants')->onUpdate('cascade')->onDelete('cascade');
$table->timestamps();
});
$tenant1 = Tenant::create();
// Create RLS policy for the orders table
pest()->artisan('tenants:rls');
$tenant1->run(fn () => Order::create(['name' => 'order1', 'tenant_id' => $tenant1->getTenantKey()]));
// We are still using the 'administrator' user
if ($bypassRls) {
// Users with BYPASSRLS can always query tables regardless of forceRls setting
expect(Order::count())->toBe(1);
expect(Order::first()->name)->toBe('order1');
} else {
// Users without BYPASSRLS are subject to RLS policies even if they're table owners when forceRls is true
// OR they can bypass as table owners (when forceRls=false)
if ($forceRls) {
// Even table owners need session variable -- this means RLS was NOT bypassed
expect(fn () => Order::first())->toThrow(QueryException::class, 'unrecognized configuration parameter "my.current_tenant"');
} else {
// Table owners can bypass RLS automatically when forceRls is false
expect(Order::count())->toBe(1);
expect(Order::first()->name)->toBe('order1');
}
}
})->with([true, false])->with([true, false]);
test('table rls manager generates queries correctly', function() {
expect(array_values(app(TableRLSManager::class)->generateQueries()))->toEqualCanonicalizing([
<<<SQL
@ -700,6 +810,33 @@ test('table manager handles tables with self-referencing foreign keys correctly'
]);
});
function createPostgresUser(string $username, string $password = 'password', bool $bypassRls = false): array
{
try {
DB::statement("DROP OWNED BY {$username};");
} catch (\Throwable) {}
DB::statement("DROP USER IF EXISTS {$username};");
DB::statement("CREATE USER {$username} WITH ENCRYPTED PASSWORD '{$password}'");
DB::statement("ALTER USER {$username} CREATEDB");
DB::statement("ALTER USER {$username} CREATEROLE");
// Grant BYPASSRLS privilege if requested
if ($bypassRls) {
DB::statement("ALTER USER {$username} BYPASSRLS");
}
// Grant privileges to the new central user
DB::statement("GRANT ALL PRIVILEGES ON DATABASE main to {$username}");
DB::statement("GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO {$username}");
DB::statement("GRANT ALL ON SCHEMA public TO {$username}");
DB::statement("ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON TABLES TO {$username}");
DB::statement("GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO {$username}");
return [$username, $password];
}
class Post extends Model
{
protected $guarded = [];
@ -752,3 +889,8 @@ class Author extends Model
{
protected $guarded = [];
}
class Order extends Model
{
protected $guarded = [];
}

13
tests/RLS/TraitManagerTest.php
View file

@ -28,6 +28,7 @@ use Stancl\Tenancy\Database\Concerns\BelongsToPrimaryModel;
use function Stancl\Tenancy\Tests\pest;
beforeEach(function () {
CreateUserWithRLSPolicies::$forceRls = true;
TraitRLSManager::$implicitRLS = true;
TraitRLSManager::$modelDirectories = [__DIR__ . '/Etc'];
TraitRLSManager::$excludedModels = [Article::class];
@ -78,6 +79,10 @@ beforeEach(function () {
});
});
afterEach(function () {
CreateUserWithRLSPolicies::$forceRls = true;
});
test('correct rls policies get created with the correct hash using trait manager', function () {
$manager = app(TraitRLSManager::class);
@ -149,7 +154,8 @@ test('global scope is not applied when using rls with single db traits', functio
expect(NonRLSComment::make()->hasGlobalScope(ParentModelScope::class))->toBeFalse();
});
test('queries are correctly scoped using RLS with trait rls manager', function (bool $implicitRLS) {
test('queries are correctly scoped using RLS with trait rls manager', function (bool $implicitRLS, bool $forceRls) {
CreateUserWithRLSPolicies::$forceRls = $forceRls;
TraitRLSManager::$implicitRLS = $implicitRLS;
$postModel = $implicitRLS ? NonRLSPost::class : Post::class;
@ -263,10 +269,7 @@ test('queries are correctly scoped using RLS with trait rls manager', function (
expect(fn () => DB::statement("INSERT INTO comments (text, post_id) VALUES ('third comment', {$post1->id})"))
->toThrow(QueryException::class);
})->with([
true,
false
]);
})->with([true, false])->with([true, false]);
test('trait rls manager generates queries correctly', function() {
/** @var TraitRLSManager $manager */

101
tests/RequestDataIdentificationTest.php
View file

@ -2,9 +2,11 @@
declare(strict_types=1);
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Route;
use Stancl\Tenancy\Exceptions\TenantCouldNotBeIdentifiedByRequestDataException;
use Stancl\Tenancy\Middleware\InitializeTenancyByRequestData;
use Stancl\Tenancy\Resolvers\RequestDataTenantResolver;
use Stancl\Tenancy\Tests\Etc\Tenant;
use function Stancl\Tenancy\Tests\pest;
@ -15,45 +17,90 @@ beforeEach(function () {
],
]);
InitializeTenancyByRequestData::$header = 'X-Tenant';
InitializeTenancyByRequestData::$cookie = 'X-Tenant';
InitializeTenancyByRequestData::$queryParameter = 'tenant';
Route::middleware(['tenant', InitializeTenancyByRequestData::class])->get('/test', function () {
Route::middleware([InitializeTenancyByRequestData::class])->get('/test', function () {
return 'Tenant id: ' . tenant('id');
});
});
test('header identification works', function () {
$tenant = Tenant::create();
$this
->withoutExceptionHandling()
->withHeader('X-Tenant', $tenant->id)
->get('test')
->assertSee($tenant->id);
test('header identification works', function (string|null $tenantModelColumn) {
if ($tenantModelColumn) {
Schema::table('tenants', function (Blueprint $table) use ($tenantModelColumn) {
$table->string($tenantModelColumn)->unique();
});
Tenant::$extraCustomColumns = [$tenantModelColumn];
}
test('query parameter identification works', function () {
$tenant = Tenant::create();
config(['tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.tenant_model_column' => $tenantModelColumn]);
$this
->withoutExceptionHandling()
->get('test?tenant=' . $tenant->id)
->assertSee($tenant->id);
$tenant = Tenant::create($tenantModelColumn ? [$tenantModelColumn => 'acme'] : []);
$payload = $tenantModelColumn ? 'acme' : $tenant->id;
// Default header name
$this->withoutExceptionHandling()->withHeader('X-Tenant', $payload)->get('test')->assertSee($tenant->id);
// Custom header name
config(['tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.header' => 'X-Custom-Tenant']);
$this->withoutExceptionHandling()->withHeader('X-Custom-Tenant', $payload)->get('test')->assertSee($tenant->id);
// Setting the header to null disables header identification
config(['tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.header' => null]);
expect(fn () => $this->withoutExceptionHandling()->withHeader('X-Tenant', $payload)->get('test'))->toThrow(TenantCouldNotBeIdentifiedByRequestDataException::class);
})->with([null, 'slug']);
test('query parameter identification works', function (string|null $tenantModelColumn) {
if ($tenantModelColumn) {
Schema::table('tenants', function (Blueprint $table) use ($tenantModelColumn) {
$table->string($tenantModelColumn)->unique();
});
Tenant::$extraCustomColumns = [$tenantModelColumn];
}
test('cookie identification works', function () {
$tenant = Tenant::create();
config(['tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.tenant_model_column' => $tenantModelColumn]);
$this
->withoutExceptionHandling()
->withUnencryptedCookie('X-Tenant', $tenant->id)
->get('test')
->assertSee($tenant->id);
$tenant = Tenant::create($tenantModelColumn ? [$tenantModelColumn => 'acme'] : []);
$payload = $tenantModelColumn ? 'acme' : $tenant->id;
// Default query parameter name
$this->withoutExceptionHandling()->get('test?tenant=' . $payload)->assertSee($tenant->id);
// Custom query parameter name
config(['tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.query_parameter' => 'custom_tenant']);
$this->withoutExceptionHandling()->get('test?custom_tenant=' . $payload)->assertSee($tenant->id);
// Setting the query parameter to null disables query parameter identification
config(['tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.query_parameter' => null]);
expect(fn () => $this->withoutExceptionHandling()->get('test?tenant=' . $payload))->toThrow(TenantCouldNotBeIdentifiedByRequestDataException::class);
})->with([null, 'slug']);
test('cookie identification works', function (string|null $tenantModelColumn) {
if ($tenantModelColumn) {
Schema::table('tenants', function (Blueprint $table) use ($tenantModelColumn) {
$table->string($tenantModelColumn)->unique();
});
Tenant::$extraCustomColumns = [$tenantModelColumn];
}
test('middleware throws exception when tenant data is not provided in the request', function () {
config(['tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.tenant_model_column' => $tenantModelColumn]);
$tenant = Tenant::create($tenantModelColumn ? [$tenantModelColumn => 'acme'] : []);
$payload = $tenantModelColumn ? 'acme' : $tenant->id;
// Default cookie name
$this->withoutExceptionHandling()->withUnencryptedCookie('tenant', $payload)->get('test')->assertSee($tenant->id);
// Custom cookie name
config(['tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.cookie' => 'custom_tenant_id']);
$this->withoutExceptionHandling()->withUnencryptedCookie('custom_tenant_id', $payload)->get('test')->assertSee($tenant->id);
// Setting the cookie to null disables cookie identification
config(['tenancy.identification.resolvers.' . RequestDataTenantResolver::class . '.cookie' => null]);
expect(fn () => $this->withoutExceptionHandling()->withUnencryptedCookie('tenant', $payload)->get('test'))->toThrow(TenantCouldNotBeIdentifiedByRequestDataException::class);
})->with([null, 'slug']);
// todo@tests encrypted cookie
test('an exception is thrown when no tenant data is provided in the request', function () {
pest()->expectException(TenantCouldNotBeIdentifiedByRequestDataException::class);
$this->withoutExceptionHandling()->get('test');
});