mirror of
https://github.com/archtechx/tenancy.git
synced 2026-02-05 09:24:02 +00:00
Delete temp action, improve tests
This commit is contained in:
lukinovec
parent
2745f824aa
commit
a5d004132c
2 changed files with 25 additions and 96 deletions
|
|
@ -15,6 +15,7 @@ beforeEach(function () {
|
|||
|
||||
config(['tenancy.models.tenant' => Tenant::class]);
|
||||
|
||||
// Drop all existing policies
|
||||
foreach (DB::select('select * from pg_policies') as $policy) {
|
||||
DB::statement("DROP POLICY IF EXISTS {$policy->policyname} ON {$policy->tablename};");
|
||||
}
|
||||
|
|
@ -48,7 +49,7 @@ test('postgres user can get deleted using the job', function() {
|
|||
expect($tenantHasPostgresUser())->toBeFalse();
|
||||
});
|
||||
|
||||
test('correct rls policies get created', function(bool $action) {
|
||||
test('correct rls policies get created', function () {
|
||||
config([
|
||||
'tenancy.models.rls' => [
|
||||
Post::class, // Primary model (directly belongs to tenant)
|
||||
|
|
@ -63,8 +64,6 @@ test('correct rls policies get created', function(bool $action) {
|
|||
Schema::create('tenants', function (Blueprint $table) {
|
||||
$table->string('id')->primary();
|
||||
|
||||
// your custom columns may go here
|
||||
|
||||
$table->timestamps();
|
||||
$table->json('data')->nullable();
|
||||
});
|
||||
|
|
@ -89,20 +88,18 @@ test('correct rls policies get created', function(bool $action) {
|
|||
});
|
||||
|
||||
$getRlsPolicies = fn () => DB::select('select * from pg_policies');
|
||||
$getModelTables = fn () => collect(config('tenancy.models.rls'))->map(fn (string $model) => (new $model)->getTable());
|
||||
$getRlsModels = fn () => config('tenancy.models.rls');
|
||||
$getModelTables = fn () => collect($getRlsModels())->map(fn (string $model) => (new $model)->getTable());
|
||||
$getRlsTables = fn() => $getModelTables()->map(fn ($table) => DB::select('select relname, relrowsecurity, relforcerowsecurity from pg_class WHERE oid = ' . "'$table'::regclass"))->collapse();
|
||||
|
||||
expect($getRlsPolicies())->toHaveCount(0);
|
||||
|
||||
if ($action) {
|
||||
CreateRLSPoliciesForTables::handle();
|
||||
} else {
|
||||
pest()->artisan('tenants:create-rls-policies');
|
||||
}
|
||||
pest()->artisan('tenants:create-rls-policies');
|
||||
|
||||
expect($getRlsPolicies())->toHaveCount(count(config('tenancy.models.rls'))); // 1
|
||||
expect($getRlsTables())->toHaveCount(count(config('tenancy.models.rls'))); // 1
|
||||
// Check if tables with policies are RLS protected
|
||||
expect($getRlsPolicies())->toHaveCount(count($getRlsModels())); // 1
|
||||
expect($getRlsTables())->toHaveCount(count($getRlsModels())); // 1
|
||||
|
||||
// Check if RLS is forced on tables with the policies
|
||||
foreach ($getRlsTables() as $table) {
|
||||
expect($getModelTables())->toContain($table->relname);
|
||||
expect($table->relforcerowsecurity)->toBeTrue();
|
||||
|
|
@ -111,25 +108,28 @@ test('correct rls policies get created', function(bool $action) {
|
|||
config([
|
||||
'tenancy.models.rls' => array_merge([
|
||||
ScopedComment::class, // Add secondary model to RLS protected models (belongs to tenant through Post)
|
||||
], config('tenancy.models.rls')),
|
||||
], $getRlsModels()),
|
||||
]);
|
||||
|
||||
if ($action) {
|
||||
CreateRLSPoliciesForTables::handle();
|
||||
} else {
|
||||
pest()->artisan('tenants:create-rls-policies');
|
||||
expect(count($getRlsModels()))->toBe(2); // Post::class + ScopedComment::class
|
||||
|
||||
// Drop all existing policies to check if the command creates policies for multiple tables
|
||||
foreach ($getRlsPolicies() as $policy) {
|
||||
DB::statement("DROP POLICY IF EXISTS {$policy->policyname} ON {$policy->tablename}");
|
||||
}
|
||||
|
||||
// Check if tables with policies are RLS protected (even the ones not directly related to the tenant)
|
||||
// Models related to tenant through some model must use the BelongsToPrimaryModel trait to work properly
|
||||
expect($getRlsPolicies())->toHaveCount(count(config('tenancy.models.rls'))); // 2
|
||||
expect($getRlsTables())->toHaveCount(count(config('tenancy.models.rls'))); // 2
|
||||
expect($getRlsPolicies())->toHaveCount(0);
|
||||
|
||||
pest()->artisan('tenants:create-rls-policies');
|
||||
|
||||
// Check if all tables with policies are RLS protected (even the ones not directly related to the tenant)
|
||||
// Models related to tenant through some model must use the BelongsToPrimaryModel trait
|
||||
// For the command to create the policy correctly for the model's table
|
||||
expect($getRlsPolicies())->toHaveCount(count($getRlsModels())); // 2
|
||||
expect($getRlsTables())->toHaveCount(count($getRlsModels())); // 2
|
||||
|
||||
foreach ($getRlsTables() as $table) {
|
||||
expect($getModelTables())->toContain($table->relname);
|
||||
expect($table->relforcerowsecurity)->toBeTrue();
|
||||
}
|
||||
})->with([
|
||||
'action' => true,
|
||||
'command' => false
|
||||
]);
|
||||
});
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue