Extract parameter validation into a trait

Also, use parameterAllowlist() instead of the static property (so that we can e.g. override it later in SQLiteDatabaseManager, since overriding the static property doesn't work).

src/Database/Concerns/ValidatesSqlParameters.php

@@ -0,0 +1,39 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Stancl\Tenancy\Database\Concerns;
+
+use InvalidArgumentException;
+
+// todo@validation this trait's name might be a bit misleading
+// it suggests validating parameters for SQL statements, but it is also used in SQLiteDatabaseManager to validate the database file name
+trait ValidatesSqlParameters
+{
+    /**
+     * Characters allowed in the parameters.
+     */
+    protected static function parameterAllowlist(): string
+    {
+        return 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-';
+    }
+
+    /**
+     * Validate that parameters (database names, usernames, etc.)
+     * contain only allowed characters before used in SQL statements.
+     *
+     * @throws InvalidArgumentException
+     */
+    protected function validateParameter(string|array $parameters): string|array
+    {
+        foreach ((array) $parameters as $parameter) {
+            foreach (str_split($parameter) as $char) {
+                if (! str_contains(static::parameterAllowlist(), $char)) {
+                    throw new InvalidArgumentException("Invalid character '{$char}' in SQL parameter: {$parameter}");
+                }
+            }
+        }
+
+        return $parameters;
+    }
+}

src/Database/TenantDatabaseManagers/TenantDatabaseManager.php

@@ -6,14 +6,13 @@ namespace Stancl\Tenancy\Database\TenantDatabaseManagers;
 
 use Illuminate\Database\Connection;
 use Illuminate\Support\Facades\DB;
-use InvalidArgumentException;
+use Stancl\Tenancy\Database\Concerns\ValidatesSqlParameters;
 use Stancl\Tenancy\Database\Contracts\StatefulTenantDatabaseManager;
 use Stancl\Tenancy\Database\Exceptions\NoConnectionSetException;
 
 abstract class TenantDatabaseManager implements StatefulTenantDatabaseManager
 {
-    /** Characters allowed in SQL identifiers (database names, usernames, schema names, etc.). */
-    public static string $allowlist = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-';
+    use ValidatesSqlParameters;
 
     /** The database connection to the server. */
     protected string $connection;
@@ -38,23 +37,4 @@ abstract class TenantDatabaseManager implements StatefulTenantDatabaseManager
 
         return $baseConfig;
     }
-
-    /**
-     * Validate that parameters (database names, usernames, etc.)
-     * contain only allowed characters before used in SQL statements.
-     *
-     * @throws InvalidArgumentException
-     */
-    protected function validateParameter(string|array $parameters): string|array
-    {
-        foreach ((array) $parameters as $parameter) {
-            foreach (str_split($parameter) as $char) {
-                if (! str_contains(static::$allowlist, $char)) {
-                    throw new InvalidArgumentException("Invalid character '{$char}' in SQL parameter: {$parameter}");
-                }
-            }
-        }
-
-        return $parameters;
-    }
 }