Cache prefixing logic rewrite, session scoping improvements, tests refactor (#43)

* Run cache tests on all supported drivers * update ci healthcheck for memcached * remove memcached healthcheck * fix typos in test comments, expand internal.md [ci skip] * add empty line [ci skip] * switch to using $store->setPrefix() * add dynamodb * refactor try-finally to try-catch * remove unnecessary clearResolvedInstances() call * add dual Cache:: and cache() assertions * add apc * Flush APCu cache in test setup * Revert "add dual Cache:: and cache() assertions" This reverts commit a0bab162fbe2dd0d25e7056ceca4fb7ce54efc77. * phpstan fix * Add logic for scoping 'file' disks to FilesystemTenancyBootstrapper * minor changes, add todos * refactor how the session.connection is used in the DB session bootstrapper * add session forgery prevention logic to the db session bootstrapper * only use the fs bootstrapper for file disk in 'cache data is separated' dataset * minor session scoping test changes * Add session scoping logic to FilesystemTenancyBootstrapper, correctly update disk roots even with storage_path_tenancy disabled * Fix code style (php-cs-fixer) * update docblock * make not-null check more explicit * separate bootstrapper tests, fix swapped test names for two tests * refactor cache bootstrapper tests * resolve global cache todo * expand tests: session separation tests, more filesystem separation assertions; change prefix_base-type config keys to templates/formats * add apc session scoping test, various session separation bugfixes * phpstan + minor logic fixes * prefix_format -> prefix * fix database session separation test * revert composer.json changes, update laravel dependencies to expected next release * only run session scoping logic in cache bootstrapper for redis, memcached, dynamodb, apc; update gitattributes * tenancy.central_domains -> tenancy.identification.central_domains * db session separation test: add datasets --------- Co-authored-by: PHP CS Fixer <phpcsfixer@example.com>
2025-12-13 01:34:02 +00:00 · 2024-04-09 20:40:27 +02:00 · 2024-04-09 20:40:27 +02:00 · eecf6f21c8
commit eecf6f21c8
parent 943b960718
40 changed files with 1856 additions and 1177 deletions
--- a/src/Middleware/InitializeTenancyByDomain.php
+++ b/src/Middleware/InitializeTenancyByDomain.php
@ -45,7 +45,7 @@ class InitializeTenancyByDomain extends IdentificationMiddleware implements Usab
     */
    public function requestHasTenant(Request $request): bool
    {
-        return ! in_array($this->getDomain($request), config('tenancy.central_domains'));
+        return ! in_array($this->getDomain($request), config('tenancy.identification.central_domains'));
    }

    public function getDomain(Request $request): string
--- a/src/Middleware/InitializeTenancyByDomainOrSubdomain.php
+++ b/src/Middleware/InitializeTenancyByDomainOrSubdomain.php
@ -50,6 +50,6 @@ class InitializeTenancyByDomainOrSubdomain extends InitializeTenancyBySubdomain

    protected function isSubdomain(string $hostname): bool
    {
-        return Str::endsWith($hostname, config('tenancy.central_domains'));
+        return Str::endsWith($hostname, config('tenancy.identification.central_domains'));
    }
 }
--- a/src/Middleware/InitializeTenancyBySubdomain.php
+++ b/src/Middleware/InitializeTenancyBySubdomain.php
@ -66,9 +66,9 @@ class InitializeTenancyBySubdomain extends InitializeTenancyByDomain
        $isIpAddress = count(array_filter($parts, 'is_numeric')) === count($parts);

        // If we're on localhost or an IP address, then we're not visiting a subdomain.
-        $isACentralDomain = in_array($hostname, config('tenancy.central_domains'), true);
+        $isACentralDomain = in_array($hostname, config('tenancy.identification.central_domains'), true);
        $notADomain = $isLocalhost || $isIpAddress;
-        $thirdPartyDomain = ! Str::endsWith($hostname, config('tenancy.central_domains'));
+        $thirdPartyDomain = ! Str::endsWith($hostname, config('tenancy.identification.central_domains'));

        if ($isACentralDomain || $notADomain || $thirdPartyDomain) {
            return new NotASubdomainException($hostname);
--- a/src/Middleware/PreventAccessFromUnwantedDomains.php
+++ b/src/Middleware/PreventAccessFromUnwantedDomains.php
@ -51,20 +51,20 @@ class PreventAccessFromUnwantedDomains
    protected function accessingTenantRouteFromCentralDomain(Request $request, Route $route): bool
    {
        return tenancy()->getRouteMode($route) === RouteMode::TENANT // Current route's middleware context is tenant
-            && $this->isCentralDomain($request); // The request comes from a domain that IS present in the configured `tenancy.central_domains`
+            && $this->isCentralDomain($request); // The request comes from a domain that IS present in the configured `tenancy.identification.central_domains`
    }

    protected function accessingCentralRouteFromTenantDomain(Request $request, Route $route): bool
    {
        return tenancy()->getRouteMode($route) === RouteMode::CENTRAL // Current route's middleware context is central
-            && ! $this->isCentralDomain($request); // The request comes from a domain that ISN'T present in the configured `tenancy.central_domains`
+            && ! $this->isCentralDomain($request); // The request comes from a domain that ISN'T present in the configured `tenancy.identification.central_domains`
    }

    /**
-     * Check if the request's host name is present in the configured `tenancy.central_domains`.
+     * Check if the request's host name is present in the configured `tenancy.identification.central_domains`.
     */
    protected function isCentralDomain(Request $request): bool
    {
-        return in_array($request->getHost(), config('tenancy.central_domains'), true);
+        return in_array($request->getHost(), config('tenancy.identification.central_domains'), true);
    }
 }
--- a/src/Middleware/ScopeSessions.php
+++ b/src/Middleware/ScopeSessions.php
@ -12,6 +12,9 @@ class ScopeSessions
 {
    public static string $tenantIdKey = '_tenant_id';

+    /** @var Closure(Request): mixed */
+    public static Closure|null $onFail = null;
+
    /** @return \Illuminate\Http\Response|mixed */
    public function handle(Request $request, Closure $next): mixed
    {
@ -23,7 +26,9 @@ class ScopeSessions
            $request->session()->put(static::$tenantIdKey, tenant()->getTenantKey());
        } else {
            if ($request->session()->get(static::$tenantIdKey) !== tenant()->getTenantKey()) {
-                abort(403);
+                return static::$onFail !== null
+                    ? (static::$onFail)($request)
+                    : abort(403);
            }
        }