From c81dd5582ded3b765572abdee8dd0030b7dda5bd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Samuel=20=C5=A0tancl?= Date: Mon, 14 Oct 2019 20:14:51 +0200 Subject: [PATCH] Improve PreventAccessFromTenantDomains - look into middleware subgroups --- .../PreventAccessFromTenantDomains.php | 22 ++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/src/Middleware/PreventAccessFromTenantDomains.php b/src/Middleware/PreventAccessFromTenantDomains.php index c961fada..6ff97603 100644 --- a/src/Middleware/PreventAccessFromTenantDomains.php +++ b/src/Middleware/PreventAccessFromTenantDomains.php @@ -5,6 +5,8 @@ declare(strict_types=1); namespace Stancl\Tenancy\Middleware; use Closure; +use Illuminate\Routing\Route; +use Illuminate\Support\Facades\Route as Router; /** * Prevent access to non-tenant routes from domains that are not exempt from tenancy. @@ -26,7 +28,7 @@ class PreventAccessFromTenantDomains $isExemptDomain = in_array($request->getHost(), config('tenancy.exempt_domains')); $isTenantDomain = ! $isExemptDomain; - $isTenantRoute = in_array('tenancy', $request->route()->middleware()); + $isTenantRoute = $this->isTenantRoute($request->route()); if ($isTenantDomain && ! $isTenantRoute) { // accessing web routes from tenant domains return redirect(config('tenancy.home_url')); @@ -38,4 +40,22 @@ class PreventAccessFromTenantDomains return $next($request); } + + public function isTenantRoute(Route $route): bool + { + if (in_array('tenancy', $route->middleware(), true)) { + return true; + } + + // Loop one level deep and check if the route's middleware + // groups have a `tenancy` middleware grouĂș inside them + $middlewareGroups = Router::getMiddlewareGroups(); + foreach ($route->middleware() as $middleware) { + if (isset($middlewareGroups[$middleware]) && in_array('tenancy', $middlewareGroups[$middleware], true)) { + return true; + } + } + + return false; + } }