Also make all resource syncing-related listener closures static.
Also correct return type for getGlobalIdentifierKey to string|int.
(We intentionally do not support returning null like many other
"get x key" methods would since such a case might break resource
syncing logic. This is also why we use inline getAttribute() in the
creating listener instead of calling the method.)
Also move pivot record deletion to that listener and improve tests
The 'tenant pivot records are deleted along with the tenants to which
they belong to' test is failing in this commit -- the listener
for deleting mappings when a *tenant* is deleted is only implemented
in the next commit. The only change done here is to re-add FKs
(necessary for passing *in this commit* in that specific dataset
variant) that were removed from the default test migration as we now
have the DeleteResourceMapping listener that's enabled by default.
Recent Laravel installations often have http://localhost:8000 as
APP_URL, so we make sure to strip any port suffix from the default
central domain derived from APP_URL.
With the previous implementation, many users would use the default
config that enables scope_sessions. They would then deploy the app
to production and get the exception there since they use the
`database` session driver which is scoped by a different mechanism.
The idea behind throwing the exception only in prod was to make it
easy to use different setups locally without getting annoying
exceptions, while notifying users that a security feature they enabled
isn't running in production.
However, a better way of doing this is to just throw the exception
consistently in all setups and use a sane default for enabling the
scope_sessions setting based on the SESSION_DRIVER env var.
Users are always encouraged to read the session scoping docs to make
sure their session scoping configuration makes sense for their specific
setup, but this is a good balance for providing solid security out of
the box for most setups without requiring users to configure things
manually.
Remove comments about shouldBeQueued(true) being preferable in
production as that isn't necessarily true anymore with pending tenants
(or even the absence of any "optimizations", they're all optional).
Using queued tenant creation also requires some code changes in the
tenant onboarding logic, so it is misleading to imply that it's a
switch that should simply be turned on in production.
Add DatabaseCacheBootstrapper to config.php as it was missing there.
Remove note about MailConfigBootstrapper needing forceRefresh in the
QueueTenancyBootstrapper as we now use a non-persistent queue
bootstrapper by default.
The feature was pretty much a soft-bootstrapper -- it listened
to both Bootstrapped and Reverted. Bootstrappers have a few more
protections in terms of error handling and safe reverting, so there's
no point in (badly) re-implementing bootstrapper functionality within
TenantConfig just so it could be a Feature.
Going forward, all Features should be things that are mostly agnostic
of the tenant state, and especially they should not use bootstrapped/
reverted events. Bootstrappers are simply more appropriate and safe.
* UrlGenerator: set defaults based on config; request data: move config to config file+resolver
* Claude code adjustments
* improve request data tests, simplify complex test in UrlGeneratorBootstrapperTest
* url generator test: test changing tenant parameter name
* request data identification: add tenant_model_column configuration
* defaultParameterNames -> passQueryParameter
* move comment
* minor refactor in PathIdentificationTest, expand CLAUDE.md to include early identification section
* Fix COLOR_FLAG
* improve test name
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* TenancyUrlGenerator: add a check for queryParameterName being null
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Fix code style (php-cs-fixer)
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
* Add regression test for removing invalid symlinks
* Move commented RemoveStorageSymlinks job to the DeletingTenant pipeline (better default - the symlinks will be removed *before* deleting tenant storage)
* Remove symlink validity check from symlinkExists() (only check for the symlink's existence)
* Delete complete todo0
* Make the symlink assertions more explicit
* update test name
---------
Co-authored-by: Samuel Štancl <samuel@archte.ch>
* cleanup, resolve todos, add immediate todos
* Improve path_identification_middleware docblock
* rename leave() method in tests
* wip fix hardcoded values making assumptions about the parameters used in routing
* defaultParameterNames
* fix CreatesDatabaseUsers return values
* $tenant -> tenant()
* resolve more todos
* make comment block a complete block
* Correct useTenantRoutesInFortify(), delete unused import
* test fixes
* remove todos
* remove JobPipeline todo
* simplify comment example
* remove todo
* fix VERSION_PREFIX in queue.yml
---------
Co-authored-by: lukinovec <lukinovec@gmail.com>
* Make universal route logic part of tbe early ID trait
* Add requstHasTenant to prevent access MW, add todo@samuel
* Delete PathIdentificationManager, move the used methods appropriately
* Correct and refactor code related to the deleted PathIdentificationManager class
* Add docblock
* Fix code style (php-cs-fixer)
* refactor globalStackMiddleware()
* remove todos [ci skip]
* refactor routeMiddleware()
* revert bool assertions
* revert more changes
---------
Co-authored-by: PHP CS Fixer <phpcsfixer@example.com>
Co-authored-by: Samuel Štancl <samuel@archte.ch>
* Only retrieve domains if the relationship and the domains table exist (DomianTenantResolver)
* Resolve todo, add other todos
* Use constructor promotion in DeleteDomains
* Fix imports + domain deletion test
* Confirm that turning on resolver caching doesn't break the tests
* Fix Tenant model imports
* Fix code style (php-cs-fixer)
* remove runtime schema check
* temp: enable resolver cache
* make 'autoincrement ids are supported' pass
* disable resolver cache
---------
Co-authored-by: PHP CS Fixer <phpcsfixer@example.com>
Co-authored-by: Samuel Štancl <samuel.stancl@gmail.com>
Co-authored-by: Samuel Štancl <samuel@archte.ch>
* Run cache tests on all supported drivers
* update ci healthcheck for memcached
* remove memcached healthcheck
* fix typos in test comments, expand internal.md [ci skip]
* add empty line [ci skip]
* switch to using $store->setPrefix()
* add dynamodb
* refactor try-finally to try-catch
* remove unnecessary clearResolvedInstances() call
* add dual Cache:: and cache() assertions
* add apc
* Flush APCu cache in test setup
* Revert "add dual Cache:: and cache() assertions"
This reverts commit a0bab162fbe2dd0d25e7056ceca4fb7ce54efc77.
* phpstan fix
* Add logic for scoping 'file' disks to FilesystemTenancyBootstrapper
* minor changes, add todos
* refactor how the session.connection is used in the DB session bootstrapper
* add session forgery prevention logic to the db session bootstrapper
* only use the fs bootstrapper for file disk in 'cache data is separated' dataset
* minor session scoping test changes
* Add session scoping logic to FilesystemTenancyBootstrapper, correctly update disk roots even with storage_path_tenancy disabled
* Fix code style (php-cs-fixer)
* update docblock
* make not-null check more explicit
* separate bootstrapper tests, fix swapped test names for two tests
* refactor cache bootstrapper tests
* resolve global cache todo
* expand tests: session separation tests, more filesystem separation assertions; change prefix_base-type config keys to templates/formats
* add apc session scoping test, various session separation bugfixes
* phpstan + minor logic fixes
* prefix_format -> prefix
* fix database session separation test
* revert composer.json changes, update laravel dependencies to expected next release
* only run session scoping logic in cache bootstrapper for redis, memcached, dynamodb, apc; update gitattributes
* tenancy.central_domains -> tenancy.identification.central_domains
* db session separation test: add datasets
---------
Co-authored-by: PHP CS Fixer <phpcsfixer@example.com>
* resolver refactor
* Fix code style (php-cs-fixer)
* make tenant column used in PathTenantResolver configurable, fix phpstan errors, minor improvements
* support binding route fields, write tests for customizable tenant columns
* Invalidate cache for all possible columns in path resolver
* implement proper cache separation logic for different columns used by PathTenantResolver
* improve return type
---------
Co-authored-by: PHP CS Fixer <phpcsfixer@example.com>
* Add RandomHexGenerator, create new namespace
* phpstan ignore
* add base64 generator
* add note about base64 being case sensitive
* docblock updates
* replace old UUIDGenerator with a class that throws an exception
* replace base64 generator with a random string generator
* Fix namespace
* Fix code style (php-cs-fixer)
* add test for the deprecated uuid generator
* update comments
---------
Co-authored-by: PHP CS Fixer <phpcsfixer@example.com>
* Add &Model to docblock
* Fix code style (php-cs-fixer)
* Only delete synced resource if the central resource shouldSync
* Add central resource detached event and listener
* Add SyncedTenant interface
* Use the event & listener in the test file
* Add getGlobalIdentifierKey(Name) to TenantMorphPivot
* Refactor TriggerSyncingEvents
* Fix code style (php-cs-fixer)
* Test queueing the detaching listener
* Move finding the central resource into the event, naming changes
* Fix code style (php-cs-fixer)
* Simplify listener code
* Refactor detaching logic
* Create tenant resource after attaching central to tenant, test queueing related listener
* Delete dd()
* Fix code style (php-cs-fixer)
* Move triggerAttachEvent from SyncMaster
* Update attach event-related code
* Move findResource from SyncedTenant to the pivot trait
* Add annotation
* Update annotation
* Simplify getAttributesForCreation in CreateTenantResourceFromSyncMaster
* Update naming
* Add tenant trait for attaching/detaching resources
* Update test names
* Move creation attribute parsing method to trait
* Rename variable
* Fix code style (php-cs-fixer)
* Delete complete to-do
* Delete event comment
* Rename event property
* Find tenant resource in detach listener
* Use global ID key of tenant resource in cascade deletes listener
* Use global ID key name of the central resource while creating/deleting tenant resources
* Add getSyncedCreationAttributes example in the annotation
* Fix inconsistencies in SyncedTenant methods
* Improve annotation
* Don't return the query in `$scopeGetModelQuery`
Co-authored-by: Samuel Štancl <samuel.stancl@gmail.com>
* Fix code style (php-cs-fixer)
* Update scoping getModel query
* Only use detach event instead of using both detach and delete events, refactor code
* Test that detaching tenant from a central resource doesn't affect other tenants
* Delete extra imports
* Fix code style (php-cs-fixer)
* Add PivotWithRelation, test attaching/detaching resources without polymorphic relations
* Refactor TriggerSyncingEvents to work with non-polymorphic relations too
* Fix code style (php-cs-fixer)
* Rename synced resource changed event, fix tests
* Enforce passing Tenant&Model to attach/detach events
* Prevent firing saved event automatically in CreateTenantResource
* Improve TriggerSyncingEvents trait
* Delete unused import
* Make TriggerSyncingEvents methods non-static, improve annotations
* Pass saved model to event
* Move attach/detach queueing tests to ResourceSyncingTest, pass models instead of IDs to attach/detach
* Move events to ResourceSyncing\Events
* Fix code style (php-cs-fixer)
* Use SerializesModels in queueable listeners instead of events
* Delete redundant $shouldQueue setting
* Rename listener, test cascade deletes from both sides of many-to-many
* Move creation attributes-related code to a separate test file, improve comments (wip)
* Improve comments, fix variable name capitalization
* Delete tracing comma
* Extract duplicate code into a trait
* Don't accept nullable tenant in SyncMasterDeleted
* Fix annotation
* Fix code style (php-cs-fixer)
* Update annotation
* Fix PHPStan error
* Fix annotation
* Update comments and test naming
* Move triggerDeleteEvent to CascadeDeletes interface
* Rename test file
* Import TenantPivot in Tenant class (tests/Etc)
* Add central resource not available in pivot exception
* Rename SaveSyncedResource to UpdateOrCreateSyncedResource
* Add new events and listeners to TSP stub
* Improve comments and naming
* Only keep SerializesModels in classes that utilize it
* Use tenant->run()
* Import events in stub
* Move RS listeners to separate namespace, use `Event/`Listener/` in stub for consistency
* Fix code style (php-cs-fixer)
* Fix namespace changes
* Use cursor instead of get
* Update src/ResourceSyncing/ParsesCreationAttributes.php
Co-authored-by: Samuel Štancl <samuel.stancl@gmail.com>
* Update naming, structure (discussed on Discord)
* Update uses in in test file
* remove double ;;
* Add comments
* Test if static properties work fine with queueable listeners
* Update $shouldQuery test
* Update creation attributes
* Work on updating the tests
* Make synced attributes configurable using static properties
* Update resource syncing tests
* Get rid of mixed attribute classes
* Get rid of TenantUserWIthCreationAttributes
* Fix imports
* Get rid of the conditionally synced classes, improve tests
* Simplify resource creation tests (only test the more complex cases instead of each case - if the complex case works, the simpler cases work too)
* Clean up ResourceSyncingTest (mostly duplicate tests that were already in AutomaticResourceCreationTest)
* Simplify class naming in polymorhpic tests
* Move automatic resource creation tests to ResourceSyncingTest
* Test that the sync event doesn't get triggered excessively
* Only trigger the sync event if the synced attributes were changed or if the resource was recently created
* Update synced attribute instead of unsynced in test
* Fix sync event test
* Update static property redefining test
* Use getGlobalIdentifierKeyName() instead of hardcoding the key name
* Delete static properties from the ResourceSyncing trait
* Reuse user classes in polymorphic tests
* Update tests/ResourceSyncingTest.php
Co-authored-by: Samuel Štancl <samuel.stancl@gmail.com>
* Use the default tenants() method in central user, override the default in ResourceSyncingTest
* Use BelongsToMany as tenants() return type
* Fix code style (php-cs-fixer)
* Delete extra static property from trait
* Delete duplicate events/listeners from TSP stub
* Delete weird expectation, use $model->trashed()
* Change ResourceUser to TenantUser
* Add defaults for getGlobalIdentifierKey(Name)
* Use singular tenant in DeleteResourceInTenants name
* Rename getSyncedCreationAttributes to getCreationAttributes
* Fix comma position in comment
* minor fixes in traits and interfaces
* Fix code style (php-cs-fixer)
* Correct comment
* Use $tenant->run()
* Update scopeGetModelQuery annotation
* Use static property for testing shouldSync
* Improve test
* Get rid of datasets
* Add trashed assertions
* Always merge synced attributes with the creation attributes during parsing
* Update creation attributes in test's beforeEach
* Use only the necessary creation attributes (no need to include the synced attributes because they get merged automatically)
* Rename ResourceTenant to MorphTenant
* Add TriggerSyncingEvents docblock
Co-authored-by: Samuel Štancl <samuel.stancl@gmail.com>
* Add force deletes test
* Fix code style (php-cs-fixer)
* Delete pivot if it can't access the resource class
* Make parseCreationAttributes more readable
* Comment out setting $scopeGetModelQuery in the stub
* Add @var annotations to bootTriggerSyncingEvents
* Fix attach()/detach() exception test
* Interrupt creation of broken pivots instead of deleting the pivots at a later point
* Add more comments
* Update CreateTenantResource comment
* Assert that forceDelete() doesn't affect other tenant resources
* Rename test
* Correct with() array formatting
* Expand test with soft deletes
* Merge SyncedResourceSaved tests
* Improve naming, comments and minor details in the assertions
* Move test
* Fix failing test
* Delete duplicate test
* Minor test improvement
* Delete duplicate test
* Improve old test
* Minor test improvement
* Improve event test
* Improve tests (naming, code, comments)
* Delete extra test, add comments to the larger test
* Refactor central -> tenant attach() test
* Apply changes from central -> tenant attach() test on tenant -> central test
* Fix assertions in central -> tenant
* Correct comment and assertion
* Refactor tenant -> central attach() test
* Fix inconsistency
* Delete unused import
* Add comments
* Update polymorphic test names
* Rename polymorphic tests
* Update listener test name
* Delete redundant tenant ID assignments
* Improve test names
* Move polymorphic tests to ResourceSyncingTest
* Mention alternative solutions in CentralResourceNotAvailableInPivotException
* Add comments
* Update test comments
* minor changes to tests + review comments
* Delete extra tests, update comments
* Remove unneeded part of test
* Fix comment
* Improve comments
* Add test for companies() realationship accessibility
* Update test name
* Complete to-do, add comment
* Improve naming and comments (resolve some priority reviews)
* Move test
* Comment, resolve to-dos
* Add low-level pivot assertions
* Restore trashed resources if the central resource got restored, try improving tests
* Fix code style (php-cs-fixer)
* Dekete redundnat unsynced comments
* Add to-do, test WIP
* Fix restoring logic
* Update todo
* Add todo to fix phpdoc
* Fix code style (php-cs-fixer)
* PHPStan error fix wip
* Fix PHPStan error
* Add regression test
* Delete unused trait
* Add and test restoring WIP
* Fix code style (php-cs-fixer)
* Add to-do
* Delete comment from test
* Focus on restoring in the restore test
* Improve maming
* Fix stub
* Delete redundant part of test
* Delete incorrect test leftover
* Add triggerRestoredEvent
* Fix restore test
* Correct tests and restore(() logic
* Fix code style (php-cs-fixer)
* Check if SoftDeletes are used before firing SyncMasterRestored
* Fix comment
* Revert restore action changes (phpstan errors)
* Delete CascadeDeletes interface
* Remove CascadeDeletes from most of the tests
* Fix code style (php-cs-fixer)
* Rename tests
* Fix restoring + tests WIP
* Fix restoring
* Fix restoring tests
* Fix code style (php-cs-fixer)
* Test that detaching force deletes the tenant resources
* Implement cacscade force deleting
* Delete redundant changes
* Fix typo
* Fix SyncMaster
* Improve test
* Add force deleting logic back and fix tests
* Improve comment
* Delete extra assertion
* Improve restoring test
* Simplify assertion
* Delete redundant query scoping from test
* Test restore listener queueing
* use strict in_array() checks
* fix phpstan errors
---------
Co-authored-by: lukinovec <lukinovec@gmail.com>
Co-authored-by: PHP CS Fixer <phpcsfixer@example.com>
* Add permission controleld MSSQL DB manager
* Fix code style (php-cs-fixer)
* Fix manager
* Don't change databases when creating MSSQL user
* Test permission controlled MSSQL DB manager
* Fix code style (php-cs-fixer)
* Delete redundant config resetting in tests
* Grant user permissions insteead of making the user the database owner
* Test that user gets created in the tenant DB
* Test that the correct permissions are granted to the DB users
* Fix code style (php-cs-fixer)
* Update config comment
* Fix typo
* Add perm controlled sqlsr db manager to test dataset
* Close all connections before deleting MSSQL DBs
* Fix code style (php-cs-fixer)
* Add explanation to deleteDatabase()
* Update tests/DatabaseUsersTest.php
Co-authored-by: Samuel Štancl <samuel.stancl@gmail.com>
* Fix code style (php-cs-fixer)
---------
Co-authored-by: PHP CS Fixer <phpcsfixer@example.com>
Co-authored-by: Samuel Štancl <samuel.stancl@gmail.com>
* Add origin ID MW
* Test origin ID MW
* Test origin ID MW with early identification
* Fix code style (php-cs-fixer)
* Fix PHPStan errors
* Add getDomain() to domain ID MW, simplify origin ID MW
* Fix code style (php-cs-fixer)
* Rename InitializeTenancyByOrigin to InitializeTenancyByOriginHeader
* Add onFail test
* Stop throwing the exception in getDomain()
* FIx merge
* Improve origin identification test file
* Clean up test
---------
Co-authored-by: PHP CS Fixer <phpcsfixer@example.com>
