[2.1.0] Initialize tenancy before executing controller constructors (#169)

* Update message about migrations in Install * wip * Apply fixes from StyleCI * string instead of array * Fix globalUrl binding * Simplify if condition in TenantRouteServiceProvider * Apply fixes from StyleCI * Improve PreventAccessFromTenantDomains - look into middleware subgroups * Fix typo * gatherMiddleware() instead of middleware() * Fix tests * Apply fixes from StyleCI * Update install command * Apply fixes from StyleCI * Add the PreventAccess MW to tenant routes by default
2025-12-12 19:14:04 +00:00 · 2019-10-15 20:23:56 +02:00 · 2019-10-15 20:23:56 +02:00 · cbd3850a8f
commit cbd3850a8f
parent 7143bce5f9
8 changed files with 66 additions and 22 deletions
--- a/src/Middleware/InitializeTenancy.php
+++ b/src/Middleware/InitializeTenancy.php
@ -28,10 +28,16 @@ class InitializeTenancy
     */
    public function handle($request, Closure $next)
    {
-        try {
-            tenancy()->init($request->getHost());
-        } catch (TenantCouldNotBeIdentifiedException $e) {
-            ($this->onFail)($e);
+        if (tenancy()->initialized) {
+            return $next($request);
+        }
+
+        if (! in_array($request->getHost(), config('tenancy.exempt_domains', []), true)) {
+            try {
+                tenancy()->init($request->getHost());
+            } catch (TenantCouldNotBeIdentifiedException $e) {
+                ($this->onFail)($e);
+            }
        }

        return $next($request);
--- a/src/Middleware/PreventAccessFromTenantDomains.php
+++ b/src/Middleware/PreventAccessFromTenantDomains.php
@ -5,6 +5,8 @@ declare(strict_types=1);
 namespace Stancl\Tenancy\Middleware;

 use Closure;
+use Illuminate\Routing\Route;
+use Illuminate\Support\Facades\Route as Router;

 /**
 * Prevent access from tenant domains to central routes and vice versa.
@ -25,7 +27,7 @@ class PreventAccessFromTenantDomains
        $isExemptDomain = in_array($request->getHost(), config('tenancy.exempt_domains'));
        $isTenantDomain = ! $isExemptDomain;

-        $isTenantRoute = in_array('tenancy', $request->route()->middleware());
+        $isTenantRoute = $this->isTenantRoute($request->route());

        if ($isTenantDomain && ! $isTenantRoute) { // accessing web routes from tenant domains
            return redirect(config('tenancy.home_url'));
@ -37,4 +39,22 @@ class PreventAccessFromTenantDomains

        return $next($request);
    }
+
+    public function isTenantRoute(Route $route): bool
+    {
+        if (in_array('tenancy', $route->middleware(), true)) {
+            return true;
+        }
+
+        // Loop one level deep and check if the route's middleware
+        // groups have a `tenancy` middleware group inside them
+        $middlewareGroups = Router::getMiddlewareGroups();
+        foreach ($route->gatherMiddleware() as $middleware) {
+            if (isset($middlewareGroups[$middleware]) && in_array('tenancy', $middlewareGroups[$middleware], true)) {
+                return true;
+            }
+        }
+
+        return false;
+    }
 }