archtechx/tenancy
1
0
Fork 0
mirror of https://github.com/archtechx/tenancy.git synced 2025-12-12 22:14:03 +00:00
Code Activity

Merge branch 'master' of github.com:tenancy-for-laravel/v4

Browse source
This commit is contained in:
Samuel Štancl 2022-11-29 10:19:12 +01:00
commit b2dc0844eb
24 changed files with 581 additions and 166 deletions
Download patch file Download diff file Expand all files Collapse all files

2
assets/TenancyServiceProvider.stub.php
View file

@ -153,7 +153,7 @@ class TenancyServiceProvider extends ServiceProvider
protected function makeTenancyMiddlewareHighestPriority() protected function makeTenancyMiddlewareHighestPriority()
{ {
// PreventAccessFromCentralDomains has even higher priority than the identification middleware // PreventAccessFromCentralDomains has even higher priority than the identification middleware
$tenancyMiddleware = array_merge([Middleware\PreventAccessFromCentralDomains::class], config('tenancy.identification.middleware')); $tenancyMiddleware = array_merge([Middleware\PreventAccessFromUnwantedDomains::class], config('tenancy.identification.middleware'));
foreach (array_reverse($tenancyMiddleware) as $middleware) { foreach (array_reverse($tenancyMiddleware) as $middleware) {
$this->app[\Illuminate\Contracts\Http\Kernel::class]->prependToMiddlewarePriority($middleware); $this->app[\Illuminate\Contracts\Http\Kernel::class]->prependToMiddlewarePriority($middleware);

2
assets/config.php
View file

@ -102,6 +102,7 @@ return [
Stancl\Tenancy\Bootstrappers\FilesystemTenancyBootstrapper::class, Stancl\Tenancy\Bootstrappers\FilesystemTenancyBootstrapper::class,
Stancl\Tenancy\Bootstrappers\QueueTenancyBootstrapper::class, Stancl\Tenancy\Bootstrappers\QueueTenancyBootstrapper::class,
Stancl\Tenancy\Bootstrappers\BatchTenancyBootstrapper::class, Stancl\Tenancy\Bootstrappers\BatchTenancyBootstrapper::class,
// Stancl\Tenancy\Bootstrappers\SessionTenancyBootstrapper::class,
// Stancl\Tenancy\Bootstrappers\RedisTenancyBootstrapper::class, // Note: phpredis is needed // Stancl\Tenancy\Bootstrappers\RedisTenancyBootstrapper::class, // Note: phpredis is needed
], ],
@ -281,7 +282,6 @@ return [
'features' => [ 'features' => [
// Stancl\Tenancy\Features\UserImpersonation::class, // Stancl\Tenancy\Features\UserImpersonation::class,
// Stancl\Tenancy\Features\TelescopeTags::class, // Stancl\Tenancy\Features\TelescopeTags::class,
// Stancl\Tenancy\Features\UniversalRoutes::class,
// Stancl\Tenancy\Features\TenantConfig::class, // https://tenancyforlaravel.com/docs/v3/features/tenant-config // Stancl\Tenancy\Features\TenantConfig::class, // https://tenancyforlaravel.com/docs/v3/features/tenant-config
// Stancl\Tenancy\Features\CrossDomainRedirect::class, // https://tenancyforlaravel.com/docs/v3/features/cross-domain-redirect // Stancl\Tenancy\Features\CrossDomainRedirect::class, // https://tenancyforlaravel.com/docs/v3/features/cross-domain-redirect
], ],

4
assets/tenant_routes.stub.php
View file

@ -4,7 +4,7 @@ declare(strict_types=1);
use Illuminate\Support\Facades\Route; use Illuminate\Support\Facades\Route;
use Stancl\Tenancy\Middleware\InitializeTenancyByDomain; use Stancl\Tenancy\Middleware\InitializeTenancyByDomain;
use Stancl\Tenancy\Middleware\PreventAccessFromCentralDomains; use Stancl\Tenancy\Middleware\PreventAccessFromUnwantedDomains;
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------
@ -21,7 +21,7 @@ use Stancl\Tenancy\Middleware\PreventAccessFromCentralDomains;
Route::middleware([ Route::middleware([
'web', 'web',
InitializeTenancyByDomain::class, InitializeTenancyByDomain::class,
PreventAccessFromCentralDomains::class, PreventAccessFromUnwantedDomains::class,
])->group(function () { ])->group(function () {
Route::get('/', function () { Route::get('/', function () {
return 'This is your multi-tenant application. The id of the current tenant is ' . tenant('id'); return 'This is your multi-tenant application. The id of the current tenant is ' . tenant('id');

4
composer.json
View file

@ -17,14 +17,14 @@
"require": { "require": {
"php": "^8.1", "php": "^8.1",
"ext-json": "*", "ext-json": "*",
"illuminate/support": "^9.0", "illuminate/support": "^9.38",
"spatie/ignition": "^1.4", "spatie/ignition": "^1.4",
"ramsey/uuid": "^4.0", "ramsey/uuid": "^4.0",
"stancl/jobpipeline": "^1.0", "stancl/jobpipeline": "^1.0",
"stancl/virtualcolumn": "^1.3" "stancl/virtualcolumn": "^1.3"
}, },
"require-dev": { "require-dev": {
"laravel/framework": "^9.0", "laravel/framework": "^9.38",
"orchestra/testbench": "^7.0", "orchestra/testbench": "^7.0",
"league/flysystem-aws-s3-v3": "^3.0", "league/flysystem-aws-s3-v3": "^3.0",
"doctrine/dbal": "^2.10", "doctrine/dbal": "^2.10",

1
phpunit.xml
View file

@ -23,6 +23,7 @@
</filter> </filter>
<php> <php>
<env name="APP_ENV" value="testing"/> <env name="APP_ENV" value="testing"/>
<env name="APP_KEY" value="base64:uYVmTs9lrQbXWfHgSSiG0VZMjc2KG/fBbjV1i1JDVos="/>
<env name="BCRYPT_ROUNDS" value="4"/> <env name="BCRYPT_ROUNDS" value="4"/>
<env name="CACHE_DRIVER" value="redis"/> <env name="CACHE_DRIVER" value="redis"/>
<env name="MAIL_DRIVER" value="array"/> <env name="MAIL_DRIVER" value="array"/>

66
src/Bootstrappers/SessionTenancyBootstrapper.php Normal file
View file

@ -0,0 +1,66 @@
<?php
declare(strict_types=1);
namespace Stancl\Tenancy\Bootstrappers;
use Illuminate\Config\Repository;
use Illuminate\Contracts\Container\Container;
use Illuminate\Session\DatabaseSessionHandler;
use Illuminate\Session\SessionManager;
use Stancl\Tenancy\Contracts\TenancyBootstrapper;
use Stancl\Tenancy\Contracts\Tenant;
/**
* This resets the database connection used by the database session driver.
*
* It runs each time tenancy is initialized or ended.
* That way the session driver always uses the current DB connection.
*/
class SessionTenancyBootstrapper implements TenancyBootstrapper
{
public function __construct(
protected Repository $config,
protected Container $container,
protected SessionManager $session,
) {
}
public function bootstrap(Tenant $tenant): void
{
$this->resetDatabaseHandler();
}
public function revert(): void
{
// When ending tenancy, this runs *before* the DatabaseTenancyBootstrapper, so DB tenancy
// is still bootstrapped. For that reason, we have to explicitly use the central connection
$this->resetDatabaseHandler(config('tenancy.database.central_connection'));
}
protected function resetDatabaseHandler(string $defaultConnection = null): void
{
$sessionDrivers = $this->session->getDrivers();
if (isset($sessionDrivers['database'])) {
/** @var \Illuminate\Session\Store $databaseDriver */
$databaseDriver = $sessionDrivers['database'];
$databaseDriver->setHandler($this->createDatabaseHandler($defaultConnection));
}
}
protected function createDatabaseHandler(string $defaultConnection = null): DatabaseSessionHandler
{
// Typically returns null, so this falls back to the default DB connection
$connection = $this->config->get('session.connection') ?? $defaultConnection;
// Based on SessionManager::createDatabaseDriver
return new DatabaseSessionHandler(
$this->container->make('db')->connection($connection),
$this->config->get('session.table'),
$this->config->get('session.lifetime'),
$this->container,
);
}
}

64
src/Features/UniversalRoutes.php
View file

@ -1,64 +0,0 @@
<?php
declare(strict_types=1);
namespace Stancl\Tenancy\Features;
use Closure;
use Illuminate\Routing\Route;
use Illuminate\Support\Facades\Route as Router;
use Stancl\Tenancy\Contracts\Feature;
use Stancl\Tenancy\Middleware;
use Stancl\Tenancy\Tenancy;
class UniversalRoutes implements Feature
{
public static string $middlewareGroup = 'universal';
// todo docblock
/** @var array<class-string<\Stancl\Tenancy\Middleware\IdentificationMiddleware>> */
public static array $identificationMiddlewares = [
Middleware\InitializeTenancyByDomain::class,
Middleware\InitializeTenancyBySubdomain::class,
];
public function bootstrap(Tenancy $tenancy): void
{
foreach (static::$identificationMiddlewares as $middleware) {
$originalOnFail = $middleware::$onFail;
$middleware::$onFail = function ($exception, $request, $next) use ($originalOnFail) {
if (static::routeHasMiddleware($request->route(), static::$middlewareGroup)) {
return $next($request);
}
if ($originalOnFail) {
return $originalOnFail($exception, $request, $next);
}
throw $exception;
};
}
}
public static function routeHasMiddleware(Route $route, string $middleware): bool
{
/** @var array $routeMiddleware */
$routeMiddleware = $route->middleware();
if (in_array($middleware, $routeMiddleware, true)) {
return true;
}
// Loop one level deep and check if the route's middleware
// groups have the searched middleware group inside them
$middlewareGroups = Router::getMiddlewareGroups();
foreach ($route->gatherMiddleware() as $inner) {
if (! $inner instanceof Closure && isset($middlewareGroups[$inner]) && in_array($middleware, $middlewareGroups[$inner], true)) {
return true;
}
}
return false;
}
}

5
src/Middleware/InitializeTenancyByDomain.php
View file

@ -22,6 +22,11 @@ class InitializeTenancyByDomain extends IdentificationMiddleware
/** @return \Illuminate\Http\Response|mixed */ /** @return \Illuminate\Http\Response|mixed */
public function handle(Request $request, Closure $next): mixed public function handle(Request $request, Closure $next): mixed
{ {
if (in_array($request->getHost(), config('tenancy.central_domains', []), true)) {
// Always bypass tenancy initialization when host is in central domains
return $next($request);
}
return $this->initializeTenancy( return $this->initializeTenancy(
$request, $request,
$next, $next,

26
src/Middleware/InitializeTenancyByPath.php
View file

@ -28,14 +28,13 @@ class InitializeTenancyByPath extends IdentificationMiddleware
/** @return \Illuminate\Http\Response|mixed */ /** @return \Illuminate\Http\Response|mixed */
public function handle(Request $request, Closure $next): mixed public function handle(Request $request, Closure $next): mixed
{ {
/** @var Route $route */ $route = $this->route($request);
$route = $request->route();
// Only initialize tenancy if tenant is the first parameter // Only initialize tenancy if tenant is the first parameter
// We don't want to initialize tenancy if the tenant is // We don't want to initialize tenancy if the tenant is
// simply injected into some route controller action. // simply injected into some route controller action.
if ($route->parameterNames()[0] === PathTenantResolver::tenantParameterName()) { if ($route->parameterNames()[0] === PathTenantResolver::tenantParameterName()) {
$this->setDefaultTenantForRouteParametersWhenTenancyIsInitialized(); $this->setDefaultTenantForRouteParametersWhenInitializingTenancy();
return $this->initializeTenancy( return $this->initializeTenancy(
$request, $request,
@ -47,7 +46,26 @@ class InitializeTenancyByPath extends IdentificationMiddleware
} }
} }
protected function setDefaultTenantForRouteParametersWhenTenancyIsInitialized(): void protected function route(Request $request): Route
{
/** @var Route $route */
$route = $request->route();
if (! $route) {
// Create a fake $route instance that has enough information for this middleware's needs
$route = new Route($request->method(), $request->getUri(), []);
/**
* getPathInfo() returns the path except the root domain.
* We fetch the first parameter because tenant parameter is *always* first.
*/
$route->parameters[PathTenantResolver::tenantParameterName()] = explode('/', ltrim($request->getPathInfo(), '/'))[0];
$route->parameterNames[] = PathTenantResolver::tenantParameterName();
}
return $route;
}
protected function setDefaultTenantForRouteParametersWhenInitializingTenancy(): void
{ {
Event::listen(InitializingTenancy::class, function (InitializingTenancy $event) { Event::listen(InitializingTenancy::class, function (InitializingTenancy $event) {
/** @var Tenant $tenant */ /** @var Tenant $tenant */

5
src/Middleware/InitializeTenancyBySubdomain.php
View file

@ -27,6 +27,11 @@ class InitializeTenancyBySubdomain extends InitializeTenancyByDomain
/** @return Response|mixed */ /** @return Response|mixed */
public function handle(Request $request, Closure $next): mixed public function handle(Request $request, Closure $next): mixed
{ {
if (in_array($request->getHost(), config('tenancy.central_domains', []), true)) {
// Always bypass tenancy initialization when host is in central domains
return $next($request);
}
$subdomain = $this->makeSubdomain($request->getHost()); $subdomain = $this->makeSubdomain($request->getHost());
if (is_object($subdomain) && $subdomain instanceof Exception) { if (is_object($subdomain) && $subdomain instanceof Exception) {

30
src/Middleware/PreventAccessFromCentralDomains.php
View file

@ -1,30 +0,0 @@
<?php
declare(strict_types=1);
namespace Stancl\Tenancy\Middleware;
use Closure;
use Illuminate\Http\Request;
class PreventAccessFromCentralDomains
{
/**
* Set this property if you want to customize the on-fail behavior.
*/
public static ?Closure $abortRequest;
/** @return \Illuminate\Http\Response|mixed */
public function handle(Request $request, Closure $next): mixed
{
if (in_array($request->getHost(), config('tenancy.central_domains'))) {
$abortRequest = static::$abortRequest ?? function () {
abort(404);
};
return $abortRequest($request, $next);
}
return $next($request);
}
}

58
src/Middleware/PreventAccessFromUnwantedDomains.php Normal file
View file

@ -0,0 +1,58 @@
<?php
declare(strict_types=1);
namespace Stancl\Tenancy\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Routing\Route;
use Illuminate\Support\Facades\Route as Router;
// todo come up with a better name
class PreventAccessFromUnwantedDomains
{
/**
* Set this property if you want to customize the on-fail behavior.
*/
public static ?Closure $abortRequest;
/** @return \Illuminate\Http\Response|mixed */
public function handle(Request $request, Closure $next): mixed
{
if ($this->routeHasMiddleware($request->route(), 'universal')) {
return $next($request);
}
if (in_array($request->getHost(), config('tenancy.central_domains'), true)) {
$abortRequest = static::$abortRequest ?? function () {
abort(404);
};
return $abortRequest($request, $next);
}
return $next($request);
}
protected function routeHasMiddleware(Route $route, string $middleware): bool
{
/** @var array $routeMiddleware */
$routeMiddleware = $route->middleware();
if (in_array($middleware, $routeMiddleware, true)) {
return true;
}
// Loop one level deep and check if the route's middleware
// groups have the searched middleware group inside them
$middlewareGroups = Router::getMiddlewareGroups();
foreach ($route->gatherMiddleware() as $inner) {
if (! $inner instanceof Closure && isset($middlewareGroups[$inner]) && in_array($middleware, $middlewareGroups[$inner], true)) {
return true;
}
}
return false;
}
}

6
tests/CommandsTest.php
View file

@ -180,17 +180,17 @@ test('rollback command works', function () {
expect(Schema::hasTable('users'))->toBeFalse(); expect(Schema::hasTable('users'))->toBeFalse();
}); });
test('seed command works', function (){ test('seed command works', function () {
$tenant = Tenant::create(); $tenant = Tenant::create();
Artisan::call('tenants:migrate'); Artisan::call('tenants:migrate');
$tenant->run(function (){ $tenant->run(function () {
expect(DB::table('users')->count())->toBe(0); expect(DB::table('users')->count())->toBe(0);
}); });
Artisan::call('tenants:seed', ['--class' => TestSeeder::class]); Artisan::call('tenants:seed', ['--class' => TestSeeder::class]);
$tenant->run(function (){ $tenant->run(function () {
$user = DB::table('users'); $user = DB::table('users');
expect($user->count())->toBe(1) expect($user->count())->toBe(1)
->and($user->first()->email)->toBe('seeded@user'); ->and($user->first()->email)->toBe('seeded@user');

2
tests/DeleteDomainsJobTest.php
View file

@ -9,7 +9,7 @@ beforeEach(function () {
config(['tenancy.models.tenant' => DatabaseAndDomainTenant::class]); config(['tenancy.models.tenant' => DatabaseAndDomainTenant::class]);
}); });
test('job delete domains successfully', function (){ test('job delete domains successfully', function () {
$tenant = DatabaseAndDomainTenant::create(); $tenant = DatabaseAndDomainTenant::create();
$tenant->domains()->create([ $tenant->domains()->create([

2
tests/DomainTest.php
View file

@ -8,7 +8,6 @@ use Stancl\Tenancy\Database\Models;
use Stancl\Tenancy\Database\Models\Domain; use Stancl\Tenancy\Database\Models\Domain;
use Stancl\Tenancy\Exceptions\DomainOccupiedByOtherTenantException; use Stancl\Tenancy\Exceptions\DomainOccupiedByOtherTenantException;
use Stancl\Tenancy\Exceptions\TenantCouldNotBeIdentifiedOnDomainException; use Stancl\Tenancy\Exceptions\TenantCouldNotBeIdentifiedOnDomainException;
use Stancl\Tenancy\Features\UniversalRoutes;
use Stancl\Tenancy\Middleware\InitializeTenancyByDomain; use Stancl\Tenancy\Middleware\InitializeTenancyByDomain;
use Stancl\Tenancy\Resolvers\DomainTenantResolver; use Stancl\Tenancy\Resolvers\DomainTenantResolver;
@ -95,7 +94,6 @@ test('throw correct exception when onFail is null and universal routes are enabl
// Enable UniversalRoute feature // Enable UniversalRoute feature
Route::middlewareGroup('universal', []); Route::middlewareGroup('universal', []);
config(['tenancy.features' => [UniversalRoutes::class]]);
$this->withoutExceptionHandling()->get('http://foo.localhost/foo/abc/xyz'); $this->withoutExceptionHandling()->get('http://foo.localhost/foo/abc/xyz');
})->throws(TenantCouldNotBeIdentifiedOnDomainException::class);; })->throws(TenantCouldNotBeIdentifiedOnDomainException::class);;

104
tests/EarlyIdentificationTest.php Normal file
View file

@ -0,0 +1,104 @@
<?php
declare(strict_types=1);
use Illuminate\Contracts\Http\Kernel;
use Illuminate\Support\Facades\Event;
use Illuminate\Support\Facades\Route;
use Stancl\Tenancy\Events\TenancyInitialized;
use Stancl\Tenancy\Middleware\InitializeTenancyByDomain;
use Stancl\Tenancy\Middleware\InitializeTenancyByDomainOrSubdomain;
use Stancl\Tenancy\Middleware\InitializeTenancyByPath;
use Stancl\Tenancy\Middleware\InitializeTenancyByRequestData;
use Stancl\Tenancy\Middleware\InitializeTenancyBySubdomain;
use Stancl\Tenancy\Middleware\PreventAccessFromUnwantedDomains;
use Stancl\Tenancy\Tests\Etc\EarlyIdentification\Controller;
use Stancl\Tenancy\Tests\Etc\Tenant;
beforeEach(function () {
config()->set([
'tenancy.token' => 'central-abc123',
]);
Event::listen(TenancyInitialized::class, function (TenancyInitialized $event) {
config()->set([
'tenancy.token' => $event->tenancy->tenant->getTenantKey() . '-abc123',
]);
});
});
test('early identification works with path identification', function () {
app(Kernel::class)->pushMiddleware(InitializeTenancyByPath::class);
Route::group([
'prefix' => '/{tenant}',
], function () {
Route::get('/foo', [Controller::class, 'index'])->name('foo');
});
Tenant::create([
'id' => 'acme',
]);
$response = pest()->get('/acme/foo')->assertOk();
assertTenancyInitializedInEarlyIdentificationRequest($response->getContent());
// check if default parameter feature is working fine by asserting that the route WITHOUT the tenant parameter
// matches the route WITH the tenant parameter
expect(route('foo'))->toBe(route('foo', ['tenant' => 'acme']));
});
test('early identification works with request data identification', function (string $type) {
app(Kernel::class)->pushMiddleware(InitializeTenancyByRequestData::class);
Route::get('/foo', [Controller::class, 'index'])->name('foo');
$tenant = Tenant::create([
'id' => 'acme',
]);
if ($type === 'header') {
$response = pest()->get('/foo', ['X-Tenant' => $tenant->id])->assertOk();
} elseif ($type === 'queryParameter') {
$response = pest()->get("/foo?tenant=$tenant->id")->assertOk();
}
assertTenancyInitializedInEarlyIdentificationRequest($response->getContent());
})->with([
'using request header parameter' => 'header',
'using request query parameter' => 'queryParameter'
]);
// The name of this test is suffixed by the dataset — domain / subdomain / domainOrSubdomain identification
test('early identification works', function (string $middleware, string $domain, string $url) {
app(Kernel::class)->pushMiddleware($middleware);
config(['tenancy.tenant_model' => Tenant::class]);
Route::get('/foo', [Controller::class, 'index'])
->middleware(PreventAccessFromUnwantedDomains::class)
->name('foo');
$tenant = Tenant::create();
$tenant->domains()->create([
'domain' => $domain,
]);
$response = pest()->get($url)->assertOk();
assertTenancyInitializedInEarlyIdentificationRequest($response->getContent());
})->with([
'domain identification' => ['middleware' => InitializeTenancyByDomain::class, 'domain' => 'foo.test', 'url' => 'http://foo.test/foo'],
'subdomain identification' => ['middleware' => InitializeTenancyBySubdomain::class, 'domain' => 'foo', 'url' => 'http://foo.localhost/foo'],
'domainOrSubdomain identification using domain' => ['middleware' => InitializeTenancyByDomainOrSubdomain::class, 'domain' => 'foo.test', 'url' => 'http://foo.test/foo'],
'domainOrSubdomain identification using subdomain' => ['middleware' => InitializeTenancyByDomainOrSubdomain::class, 'domain' => 'foo', 'url' => 'http://foo.localhost/foo'],
]);
function assertTenancyInitializedInEarlyIdentificationRequest(string|false $string): void
{
expect($string)->toBe(tenant()->getTenantKey() . '-abc123'); // Assert that the service class returns tenant value
expect(app()->make('additionalMiddlewareRunsInTenantContext'))->toBeTrue(); // Assert that middleware added in the controller constructor runs in tenant context
expect(app()->make('controllerRunsInTenantContext'))->toBeTrue(); // Assert that tenancy is initialized in the controller constructor
}

16
tests/Etc/EarlyIdentification/AdditionalMiddleware.php Normal file
View file

@ -0,0 +1,16 @@
<?php
namespace Stancl\Tenancy\Tests\Etc\EarlyIdentification;
use Closure;
use Illuminate\Http\Request;
class AdditionalMiddleware
{
public function handle(Request $request, Closure $next): mixed
{
app()->instance('additionalMiddlewareRunsInTenantContext', tenancy()->initialized);
return $next($request);
}
}

19
tests/Etc/EarlyIdentification/Controller.php Normal file
View file

@ -0,0 +1,19 @@
<?php
namespace Stancl\Tenancy\Tests\Etc\EarlyIdentification;
use Illuminate\Routing\Controller as BaseController;
class Controller extends BaseController
{
public function __construct(public Service $service)
{
app()->instance('controllerRunsInTenantContext', tenancy()->initialized);
$this->middleware(AdditionalMiddleware::class);
}
public function index(): string
{
return $this->service->token;
}
}

15
tests/Etc/EarlyIdentification/Service.php Normal file
View file

@ -0,0 +1,15 @@
<?php
declare(strict_types=1);
namespace Stancl\Tenancy\Tests\Etc\EarlyIdentification;
class Service
{
public string $token;
public function __construct()
{
$this->token = config('tenancy.token');
}
}

2
tests/Etc/HttpKernel.php
View file

@ -30,7 +30,7 @@ class HttpKernel extends Kernel
*/ */
protected $middlewareGroups = [ protected $middlewareGroups = [
'web' => [ 'web' => [
\Orchestra\Testbench\Http\Middleware\EncryptCookies::class, \Illuminate\Cookie\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class, \Illuminate\Session\Middleware\StartSession::class,
// \Illuminate\Session\Middleware\AuthenticateSession::class, // \Illuminate\Session\Middleware\AuthenticateSession::class,

35
tests/Etc/session_migrations/2022_05_11_181442_create_sessions_table.php Normal file
View file

@ -0,0 +1,35 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class CreateSessionsTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('sessions', function (Blueprint $table) {
$table->string('id')->primary();
$table->foreignId('user_id')->nullable()->index();
$table->string('ip_address', 45)->nullable();
$table->text('user_agent')->nullable();
$table->text('payload');
$table->integer('last_activity')->index();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::dropIfExists('sessions');
}
}

145
tests/SessionBootstrapperTest.php Normal file
View file

@ -0,0 +1,145 @@
<?php
declare(strict_types=1);
use Illuminate\Support\Facades\Event;
use Illuminate\Support\Facades\Route;
use Stancl\JobPipeline\JobPipeline;
use Stancl\Tenancy\Bootstrappers\DatabaseTenancyBootstrapper;
use Stancl\Tenancy\Bootstrappers\SessionTenancyBootstrapper;
use Stancl\Tenancy\Events;
use Stancl\Tenancy\Events\TenantCreated;
use Stancl\Tenancy\Jobs\CreateDatabase;
use Stancl\Tenancy\Listeners;
use Stancl\Tenancy\Middleware\InitializeTenancyByDomain;
use Stancl\Tenancy\Tests\Etc\Tenant;
/**
* This collection of regression tests verifies that SessionTenancyBootstrapper
* fully fixes the issue described here https://github.com/archtechx/tenancy/issues/547
*
* This means: using the DB session driver and:
* 1) switching to the central context from tenant requests, OR
* 2) switching to the tenant context from central requests
*/
beforeEach(function () {
config(['session.driver' => 'database']);
config(['tenancy.bootstrappers' => [DatabaseTenancyBootstrapper::class]]);
Event::listen(
TenantCreated::class,
JobPipeline::make([CreateDatabase::class])->send(function (TenantCreated $event) {
return $event->tenant;
})->toListener()
);
Event::listen(Events\TenancyInitialized::class, Listeners\BootstrapTenancy::class);
Event::listen(Events\TenancyEnded::class, Listeners\RevertToCentralContext::class);
// Sessions table for central database
pest()->artisan('migrate', [
'--path' => __DIR__ . '/Etc/session_migrations',
'--realpath' => true,
])->assertExitCode(0);
});
test('central helper can be used in tenant requests', function (bool $enabled, bool $shouldThrow) {
if ($enabled) {
config()->set(
'tenancy.bootstrappers',
array_merge(config('tenancy.bootstrappers'), [SessionTenancyBootstrapper::class]),
);
}
$tenant = Tenant::create();
$tenant->domains()->create(['domain' => 'foo.localhost']);
// run for tenants
pest()->artisan('tenants:migrate', [
'--path' => __DIR__ . '/Etc/session_migrations',
'--realpath' => true,
])->assertExitCode(0);
Route::middleware(['web', InitializeTenancyByDomain::class])->get('/bar', function () {
session(['message' => 'tenant session']);
tenancy()->central(function () {
return 'central results';
});
return session('message');
});
// We initialize tenancy before making the request, since sessions work a bit differently in tests
// and we need the DB session handler to use the tenant connection (as it does in a real app on tenant requests).
tenancy()->initialize($tenant);
try {
$this->withoutExceptionHandling()
->get('http://foo.localhost/bar')
->assertOk()
->assertSee('tenant session');
if ($shouldThrow) {
pest()->fail('Exception not thrown');
}
} catch (Throwable $e) {
if ($shouldThrow) {
pest()->assertTrue(true); // empty assertion to make the test pass
} else {
pest()->fail('Exception thrown: ' . $e->getMessage());
}
}
})->with([
['enabled' => false, 'shouldThrow' => true],
['enabled' => true, 'shouldThrow' => false],
]);
test('tenant run helper can be used on central requests', function (bool $enabled, bool $shouldThrow) {
if ($enabled) {
config()->set(
'tenancy.bootstrappers',
array_merge(config('tenancy.bootstrappers'), [SessionTenancyBootstrapper::class]),
);
}
Tenant::create();
// run for tenants
pest()->artisan('tenants:migrate', [
'--path' => __DIR__ . '/Etc/session_migrations',
'--realpath' => true,
])->assertExitCode(0);
Route::middleware(['web'])->get('/bar', function () {
session(['message' => 'central session']);
Tenant::first()->run(function () {
return 'tenant results';
});
return session('message');
});
try {
$this->withoutExceptionHandling()
->get('http://localhost/bar')
->assertOk()
->assertSee('central session');
if ($shouldThrow) {
pest()->fail('Exception not thrown');
}
} catch (Throwable $e) {
if ($shouldThrow) {
pest()->assertTrue(true); // empty assertion to make the test pass
} else {
pest()->fail('Exception thrown: ' . $e->getMessage());
}
}
})->with([
['enabled' => false, 'shouldThrow' => true],
['enabled' => true, 'shouldThrow' => false],
]);

29
tests/SubdomainTest.php
View file

@ -52,12 +52,13 @@ test('onfail logic can be customized', function () {
->assertSee('foo'); ->assertSee('foo');
}); });
test('localhost is not a valid subdomain', function () { test('archte.ch is not a valid subdomain', function () {
pest()->expectException(NotASubdomainException::class); pest()->expectException(NotASubdomainException::class);
// This gets routed to the app, but with a request domain of 'archte.ch'
$this $this
->withoutExceptionHandling() ->withoutExceptionHandling()
->get('http://localhost/foo/abc/xyz'); ->get('http://archte.ch/foo/abc/xyz');
}); });
test('ip address is not a valid subdomain', function () { test('ip address is not a valid subdomain', function () {
@ -65,7 +66,7 @@ test('ip address is not a valid subdomain', function () {
$this $this
->withoutExceptionHandling() ->withoutExceptionHandling()
->get('http://127.0.0.1/foo/abc/xyz'); ->get('http://127.0.0.2/foo/abc/xyz');
}); });
test('oninvalidsubdomain logic can be customized', function () { test('oninvalidsubdomain logic can be customized', function () {
@ -81,7 +82,7 @@ test('oninvalidsubdomain logic can be customized', function () {
$this $this
->withoutExceptionHandling() ->withoutExceptionHandling()
->get('http://127.0.0.1/foo/abc/xyz') ->get('http://127.0.0.2/foo/abc/xyz')
->assertSee('foo custom invalid subdomain handler'); ->assertSee('foo custom invalid subdomain handler');
}); });
@ -106,26 +107,6 @@ test('we cant use a subdomain that doesnt belong to our central domains', functi
->get('http://foo.localhost/foo/abc/xyz'); ->get('http://foo.localhost/foo/abc/xyz');
}); });
test('central domain is not a subdomain', function () {
config(['tenancy.central_domains' => [
'localhost',
]]);
$tenant = SubdomainTenant::create([
'id' => 'acme',
]);
$tenant->domains()->create([
'domain' => 'acme',
]);
pest()->expectException(NotASubdomainException::class);
$this
->withoutExceptionHandling()
->get('http://localhost/foo/abc/xyz');
});
class SubdomainTenant extends Models\Tenant class SubdomainTenant extends Models\Tenant
{ {
use HasDomains; use HasDomains;

101
tests/UniversalRouteTest.php
View file

@ -3,27 +3,24 @@
declare(strict_types=1); declare(strict_types=1);
use Illuminate\Support\Facades\Route; use Illuminate\Support\Facades\Route;
use Stancl\Tenancy\Features\UniversalRoutes; use Stancl\Tenancy\Exceptions\TenantCouldNotBeIdentifiedOnDomainException;
use Stancl\Tenancy\Middleware\InitializeTenancyByDomain; use Stancl\Tenancy\Middleware\InitializeTenancyByDomain;
use Stancl\Tenancy\Middleware\PreventAccessFromUnwantedDomains;
use Stancl\Tenancy\Tests\Etc\Tenant; use Stancl\Tenancy\Tests\Etc\Tenant;
use Illuminate\Contracts\Http\Kernel;
afterEach(function () { test('a route can work in both central and tenant context', function (array $routeMiddleware, string|null $globalMiddleware) {
InitializeTenancyByDomain::$onFail = null; if ($globalMiddleware) {
}); app(Kernel::class)->pushMiddleware($globalMiddleware);
}
test('a route can work in both central and tenant context', function () {
Route::middlewareGroup('universal', []); Route::middlewareGroup('universal', []);
config(['tenancy.features' => [UniversalRoutes::class]]);
Route::get('/foo', function () { Route::get('/foo', function () {
return tenancy()->initialized return tenancy()->initialized
? 'Tenancy is initialized.' ? 'Tenancy is initialized.'
: 'Tenancy is not initialized.'; : 'Tenancy is not initialized.';
})->middleware(['universal', InitializeTenancyByDomain::class]); })->middleware($routeMiddleware);
pest()->get('http://localhost/foo')
->assertSuccessful()
->assertSee('Tenancy is not initialized.');
$tenant = Tenant::create([ $tenant = Tenant::create([
'id' => 'acme', 'id' => 'acme',
@ -32,28 +29,33 @@ test('a route can work in both central and tenant context', function () {
'domain' => 'acme.localhost', 'domain' => 'acme.localhost',
]); ]);
pest()->get('http://acme.localhost/foo') pest()->get("http://localhost/foo")
->assertSuccessful()
->assertSee('Tenancy is not initialized.');
pest()->get("http://acme.localhost/foo")
->assertSuccessful() ->assertSuccessful()
->assertSee('Tenancy is initialized.'); ->assertSee('Tenancy is initialized.');
}); })->with('identification types');
test('making one route universal doesnt make all routes universal', function () { test('making one route universal doesnt make all routes universal', function (array $routeMiddleware, string|null $globalMiddleware) {
Route::get('/bar', function () { if ($globalMiddleware) {
return tenant('id'); app(Kernel::class)->pushMiddleware($globalMiddleware);
})->middleware(InitializeTenancyByDomain::class); }
Route::middlewareGroup('universal', []); Route::middlewareGroup('universal', []);
config(['tenancy.features' => [UniversalRoutes::class]]);
Route::get('/foo', function () { Route::middleware($routeMiddleware)->group(function () {
Route::get('/nonuniversal', function () {
return tenant('id');
});
Route::get('/universal', function () {
return tenancy()->initialized return tenancy()->initialized
? 'Tenancy is initialized.' ? 'Tenancy is initialized.'
: 'Tenancy is not initialized.'; : 'Tenancy is not initialized.';
})->middleware(['universal', InitializeTenancyByDomain::class]); })->middleware('universal');
});
pest()->get('http://localhost/foo')
->assertSuccessful()
->assertSee('Tenancy is not initialized.');
$tenant = Tenant::create([ $tenant = Tenant::create([
'id' => 'acme', 'id' => 'acme',
@ -62,16 +64,57 @@ test('making one route universal doesnt make all routes universal', function ()
'domain' => 'acme.localhost', 'domain' => 'acme.localhost',
]); ]);
pest()->get('http://acme.localhost/foo') pest()->get("http://localhost/universal")
->assertSuccessful()
->assertSee('Tenancy is not initialized.');
pest()->get("http://acme.localhost/universal")
->assertSuccessful() ->assertSuccessful()
->assertSee('Tenancy is initialized.'); ->assertSee('Tenancy is initialized.');
tenancy()->end(); tenancy()->end();
pest()->get('http://localhost/bar') pest()->get('http://localhost/nonuniversal')
->assertStatus(500); ->assertStatus(404);
pest()->get('http://acme.localhost/bar') pest()->get('http://acme.localhost/nonuniversal')
->assertSuccessful() ->assertSuccessful()
->assertSee('acme'); ->assertSee('acme');
}); })->with([
'early identification' => [
'route_middleware' => [PreventAccessFromUnwantedDomains::class],
'global_middleware' => InitializeTenancyByDomain::class,
],
'route-level identification' => [
'route_middleware' => [PreventAccessFromUnwantedDomains::class, InitializeTenancyByDomain::class],
'global_middleware' => null,
]
]);
test('it throws correct exception when route is universal and tenant does not exist', function (array $routeMiddleware, string|null $globalMiddleware) {
if ($globalMiddleware) {
app(Kernel::class)->pushMiddleware($globalMiddleware);
}
Route::middlewareGroup('universal', []);
Route::get('/foo', function () {
return tenancy()->initialized
? 'Tenancy is initialized.'
: 'Tenancy is not initialized.';
})->middleware($routeMiddleware);
pest()->expectException(TenantCouldNotBeIdentifiedOnDomainException::class);
$this->withoutExceptionHandling()->get('http://acme.localhost/foo');
})->with('identification types');
dataset('identification types', [
'early identification' => [
'route_middleware' => ['universal', PreventAccessFromUnwantedDomains::class],
'global_middleware' => InitializeTenancyByDomain::class,
],
'route-level identification' => [
'route_middleware' => ['universal', PreventAccessFromUnwantedDomains::class, InitializeTenancyByDomain::class],
'global_middleware' => null,
]
]);