Use % for CREATE % GRANT queries

2025-12-12 18:44:03 +00:00 · 2020-05-20 14:33:24 +02:00 · 2020-05-20 14:33:24 +02:00 · e6e4548a22
commit e6e4548a22
parent 1329356b4b
5 changed files with 61 additions and 6 deletions
--- a/assets/TenancyServiceProvider.stub.php
+++ b/assets/TenancyServiceProvider.stub.php
@ -16,7 +16,6 @@ class TenancyServiceProvider extends ServiceProvider
    public function events()
    {
        return [
            // Tenant events
            Events\CreatingTenant::class => [],
            Events\TenantCreated::class => [
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -30,6 +30,15 @@ services:
            MYSQL_PASSWORD: password
        networks:
            - testnet
    mysql2:
        image: mysql:5.7
        environment:
            MYSQL_ROOT_PASSWORD: password
            MYSQL_DATABASE: main
            MYSQL_USER: user # redundant
            MYSQL_PASSWORD: password
        networks:
            - testnet
    postgres:
        image: postgres:11
        environment:
--- a/src/TenantDatabaseManagers/PermissionControlledMySQLDatabaseManager.php
+++ b/src/TenantDatabaseManagers/PermissionControlledMySQLDatabaseManager.php
@ -30,14 +30,14 @@ class PermissionControlledMySQLDatabaseManager extends MySQLDatabaseManager impl
            throw new TenantDatabaseUserAlreadyExistsException($username);
        }
-        $this->database()->statement("CREATE USER `{$username}`@`{$hostname}` IDENTIFIED BY '{$password}'");
+        $this->database()->statement("CREATE USER `{$username}`@`%` IDENTIFIED BY '{$password}'");
        $grants = implode(', ', static::$grants);
        if ($this->isVersion8()) { // MySQL 8+
-            $grantQuery = "GRANT $grants ON `$database`.* TO `$username`@`$hostname`";
+            $grantQuery = "GRANT $grants ON `$database`.* TO `$username`@`%`";
        } else { // MySQL 5.7
-            $grantQuery = "GRANT $grants ON `$database`.* TO `$username`@`$hostname` IDENTIFIED BY '$password'";
+            $grantQuery = "GRANT $grants ON `$database`.* TO `$username`@`%` IDENTIFIED BY '$password'";
        }
        return $this->database()->statement($grantQuery);
--- a/tests/DatabaseUsersTest.php
+++ b/tests/DatabaseUsersTest.php
@ -89,8 +89,8 @@ class DatabaseUsersTest extends TestCase
            'tenancy_db_username' => $user = 'user' . Str::random(8),
        ]);
-        $query = DB::connection('mysql')->select("SHOW GRANTS FOR `{$tenant->database()->getUsername()}`@`{$tenant->database()->connection()['host']}`")[1];
+        $query = DB::connection('mysql')->select("SHOW GRANTS FOR `{$tenant->database()->getUsername()}`@`%`")[1];
-        $this->assertStringStartsWith('GRANT CREATE, ALTER, ALTER ROUTINE ON', $query->{"Grants for {$user}@mysql"}); // @mysql because that's the hostname within the docker network
+        $this->assertStringStartsWith('GRANT CREATE, ALTER, ALTER ROUTINE ON', $query->{"Grants for {$user}@%"}); // @mysql because that's the hostname within the docker network
    }
    /** @test */
--- a/tests/TenantDatabaseManagerTest.php
+++ b/tests/TenantDatabaseManagerTest.php
@ -4,6 +4,7 @@ declare(strict_types=1);
 namespace Stancl\Tenancy\Tests;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Event;
 use Stancl\Tenancy\Tests\Etc\Tenant;
 use Stancl\Tenancy\DatabaseManager;
@ -21,6 +22,7 @@ use Stancl\Tenancy\TenantDatabaseManagers\PostgreSQLSchemaManager;
 use Stancl\Tenancy\TenantDatabaseManagers\SQLiteDatabaseManager;
 use Stancl\Tenancy\Tests\TestCase;
 use Illuminate\Support\Str;
 use PDO;
 class TenantDatabaseManagerTest extends TestCase
 {
@ -163,4 +165,49 @@ class TenantDatabaseManagerTest extends TestCase
            'tenancy_db_name' => $name,
        ]);
    }
    /** @test */
    public function tenant_database_can_be_created_on_a_foreign_server()
    {
        config([
            'tenancy.database_managers.mysql' => PermissionControlledMySQLDatabaseManager::class,
            'database.connections.mysql2' => [
                'driver' => 'mysql',
                'host' => 'mysql2', // important line
                'port' => 3306,
                'database' => 'main',
                'username' => 'root',
                'password' => 'password',
                'unix_socket' => env('DB_SOCKET', ''),
                'charset' => 'utf8mb4',
                'collation' => 'utf8mb4_unicode_ci',
                'prefix' => '',
                'prefix_indexes' => true,
                'strict' => true,
                'engine' => null,
                'options' => extension_loaded('pdo_mysql') ? array_filter([
                    PDO::MYSQL_ATTR_SSL_CA => env('MYSQL_ATTR_SSL_CA'),
                ]) : [],
            ],
        ]);
        Event::listen(TenantCreated::class, JobPipeline::make([CreateDatabase::class])->send(function (TenantCreated $event) {
            return $event->tenant;
        })->toListener());
        $name = 'foo' . Str::random(8);
        $tenant = Tenant::create([
            'tenancy_db_name' => $name,
            'tenancy_db_connection' => 'mysql2',
        ]);
        /** @var PermissionControlledMySQLDatabaseManager $manager */
        $manager = $tenant->database()->manager();
        $manager->setConnection('mysql');
        $this->assertFalse($manager->databaseExists($name));
        $manager->setConnection('mysql2');
        $this->assertTrue($manager->databaseExists($name));
    }
 }