Previously, tenant identification middleware was typically specified
for the cloned route by "inheriting" it from the central route, which
necessarily meant that the central route had to also be marked as
universal so it could continue working in the central context --
despite presumably not being usable in the tenant context, thus being
universal for no proper reason. In such cases, universal routes were
used mainly as a mechanism for specifying the tenant identification
middleware to use on the cloned tenant route.
Given that recent refactors of the cloning feature have made it more
customizable and a bit nicer to use "multiple times", i.e. run handle()
with a few different configurations of the action, letting the
developer specify the used tenant middleware using a method like this
only makes sense.
The feature also becomes more independently usable and not just a
"hack for universal routes with path identification".
In such a case, the cloned route will actually *override* the original
route, rather than being unused as the original docblock claimed.
Also adds a static make() function for convenience.
Previously, if a universal route was cloned without a
cloneRoutesWithMiddleware(['universal']) call, i.e. it had both
'clone' and 'universal' flags, with only the former triggering cloning,
the 'universal' flag would be included in the middleware of the cloned
route.
Now, we make sure to remove all context flags -- central, tenant,
universal -- in the first step of processing middleware, before adding
just 'tenant'.
* Add test for the new clone action addTenantParameter property
* Add $addTenantParameter properyt to the clone action
* Fix code style (php-cs-fixer)
* Update clone action annotation
* Make addTenantParameter(false) sound by adding domain() logic to route cloning
---------
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Samuel Štancl <samuel@archte.ch>
* Refactor cloning action, update tests
* Delete redundant "should not be cloned" part from shouldBeCloned()
* Use 'clone' instead of a universal route in tenant parameter removal test
* Improve comment
* Add test for cloneRoutesWithMiddleware(), correct existing tests
* Allow cloning specific routes by name
* Fix typo in CloneActionTest
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* clean up CloneRoutesAsTenant, add a todo
* phpstan
* Add test for handling 'clone' in MW groups
* Improve regression test
* Improve regression test
* Handle nested cloning flags in CloneRoutesAsTenant
* Ignore routes that are already considered tenant routes from cloning, update test accordingly
* Clarify cloning logic
* CloneRoutesAsTenant cleanup
* Rewrite clone action annotation, fix fluent usage bug
* Improve tests (comments, use $tenant->id instead of $tenant->getTenantKey())
* Test that the clone action can be used fluently without issues now (could serve as a regression test for the routesToClone change in previous commit)
* Minor annotation improvements
* Improve route cloning action docblock
* Add note about clearing the $routesToClone property
* improve docblock
* clean up tests
* fix typo
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Samuel Štancl <samuel@archte.ch>
* Declare sensitive parameters as sensitive
... just so that they don't show up in logs
* Remove unnecessary null-coalescing
* Simplify return
* Merge isset() calls
* Inline return
* Use nullsafe operator
* Simplify if-else branches
* Use direct empty string comparison instead of strlen()
* Add missing type
* Change interface as events expect a TenantWithDatabase not just a Tenant
* Narrow typehint
* Remove redundant type casts
* Fix style with php-cs-fixer
* Fix typos
* Revert unwanted if-else simplification
* fix phpstan errors
* narrow type
---------
Co-authored-by: Samuel Štancl <samuel@archte.ch>
* route cloning: Trim '/' from original route prefixes
* Add test for the trimming of route prefixes
* Revert "Add test for the trimming of route prefixes"
This reverts commit 568ae17d2bf8d5542a0e46840f7604c6a0df236d.
* Add test for the trimming of route prefixes
* Delete extra comments [ci skip]
* Fix regression test [ci skip]
* trigger CI
* Add routes with trailing slashes to the cloned route prefixing test
* Test nested '/' route cloning
* Update cloned route creation as suggested
* fix terminology
* add comment to test
---------
Co-authored-by: Samuel Štancl <samuel.stancl@gmail.com>
Co-authored-by: Samuel Štancl <samuel@archte.ch>
* Make universal route logic part of tbe early ID trait
* Add requstHasTenant to prevent access MW, add todo@samuel
* Delete PathIdentificationManager, move the used methods appropriately
* Correct and refactor code related to the deleted PathIdentificationManager class
* Add docblock
* Fix code style (php-cs-fixer)
* refactor globalStackMiddleware()
* remove todos [ci skip]
* refactor routeMiddleware()
* revert bool assertions
* revert more changes
---------
Co-authored-by: PHP CS Fixer <phpcsfixer@example.com>
Co-authored-by: Samuel Štancl <samuel@archte.ch>
* Make asset_helper_tenancy false by default
* Make tenant_asset() respect ASSET_URL
* Set asset helper tenancy to true in tests where needed
* If the `asset_helper_tenancy` key is missing, default to false in filesystem bootstrapper
* Make temporary clone action changes
* Make tenancy asset route universal
* Make the asset controller's asset method behave differently if path ID MW is the default
* Test that asset helper works with path identification
* Fix code style (php-cs-fixer)
* Delete path traversal attack prevention
* Fix code style (php-cs-fixer)
* Skip cloning of stancl.tenancy.asset route in some tests
* Fix code style (php-cs-fixer)
* Clone asset route in TSP stub
* Add cloning only the passed route
* Clone asset route in tenant asset test beforeEach
* Skip asset route cloning by default
* Fix typo
* Change public method back to protected
* Remove cloning of specific routes, skip cloning routes flagged as tenant
* Delete constructor from asset controiler, change asset method to invoke
* Update asset route registration, add prefixed asest route for path identification
* Use default middleware from config instead of `tenancy()->defaultMiddleware()`
* Delete old code from TSP stub
* Revert TSP stub change
* Revert FilesystemTenancyBootstrapper changes
* Suffix asset url in tenant_asset()
* Simplify `tenant_asset()`
* Ensure the base asset url is always suffixed with '/'
* remove unnecessary ?? false
---------
Co-authored-by: PHP CS Fixer <phpcsfixer@example.com>
Co-authored-by: Samuel Štancl <samuel.stancl@gmail.com>
* Allow cloning routes when only kernel identification is used, explicitly enable specific cloning modes
* Explicitly enable needed clone modes in tests, use "clone" instead of "reregister"
* Fix code style (php-cs-fixer)
* Use "cloning" instead of "re-registration" in UniversalRouteTest
* Only clone routes using path identification
* Revert clone mode changes
* Fix code style (php-cs-fixer)
* Update comment
* Skip cloning 'stancl.tenancy.asset' by default
* Decide which routes should get cloned in the filtering step, improve method organization
* Return `RouteMode::UNIVERSAL` in getMiddlewareContext if route is universal
* Give universal route the path ID MW so that it gets cloned
* Fix code style (php-cs-fixer)
* Simplify UsableWithEarlyIdentification code
* Handle universal route mode in ForgetTenantParameter
* Fix code style (php-cs-fixer)
* Rename getMiddlewareContext to getRouteMode
* Append '/' to the route prefix
* Rename variable
* Wrap part of condition in parentheses
* Refresh name lookups after cloning routes
* Test giving tenant flag to cloned routes
* Add routeIsUniversal method
* Correct ForgetTenantParameter condition
* Improve tenant flag giving logic
* Improve test name
* Delete leftover testing code
* Put part of condition into `()`
* Improve CloneRoutesAsTenant code + comments
* Extract route mode-related code into methods, refactor and improve code
* Improve ForgetTenantParameter, test tenant parameter removing in universal routes
* Fix code style (php-cs-fixer)
* Fix test
* Simplify adding tenant flag
* Don't skip stancl.tenancy.asset route cloning
* clean up comment
* fix in_array() argument
* Fix code style (php-cs-fixer)
---------
Co-authored-by: PHP CS Fixer <phpcsfixer@example.com>
Co-authored-by: Samuel Štancl <samuel.stancl@gmail.com>
* Use "clone" instead of "re-register" in UniversalRouteTest
* Fix `$shouldCloneRoute` condition, improve tenant flagging logic
* Use clone instead of reregister in stub
* Update url binding bootstrapper test
* Fix parent::temporarySignedRoute() call
* Add universal route tests for all identification types
* Improve determineContextFromRequest()
* Add setting `TenancyUrlGenerator::$prefixRouteNames` to true in TSP stub
* Delete seemingly redundant test (making one route universal won't make all routes universal in any case)
* Use collection syntax in ReregisterUniversalRoutes
* Improve comments
* Add domain identification MW annotation
* Update condition in GloballyUsable
* Set `tenancy.bootstrappers` instead of adding the bootstrappers using `tenancy.bootstrappers.x`, move test
* Revert GloballyUsable condition change
* Delete assigning bootstrappers to tenancy.bootstrappers.x
* Exclude cache prefixing bootstrapper from the initial configuration
* Fix test
* Unset bypass parameter
* Set static kernel identification-related properties in TestCase
* Update bootstrapper name in annotation
* Move unset() into a condition
* Update TenancyUrlGenerator condition
* Set static properties without instantiating Tenancy
* Fix unsetting bypass parameter
* formatting changes
* add a comment
* improve docblock
* add docblock to TenancyUrlGenerator [ci skip]
* docblock changes [ci skip]
* Update TenancyUrlGenerator (rename variable, allow bypassing prefixing temporarySignedRoute name)
* Improve determineContextFromRequest
* Only return the new url generator instance when extending 'url' in UrlBindingBootstrapper
* Check route's MW groups for the path ID MW
* Remove extra imports from config
* Rename MiddlewareContext to Context, add condition for skipping ID MW
* Set only the needed bootstrappers in TestCase
* Fix code style (php-cs-fixer)
* Remove condition
* Use correct return type
* Fix PHPStan issue
* Update comment
* Check for tenant parameter instead of prefix
* Update shouldBeSkipped condition for universal routes
* Don't remove the 'universal' MW group after route re-registration, update test
* Fix code style (php-cs-fixer)
* Fix typo
* Add test for mixing placement of access prevention and identification MW
* Add test for mixing placement of access prevention and identification MW
* Update docblock
* Add setting the session and key resolvers in UrlBindingBootstrapper (required with LW file uploads)
* Update stub
* Update variable name in route reregistering action
* Add trailing comma
* Fix code style (php-cs-fixer)
* Require routes using path identification to be flagged as tenant in order to be recognized as tenant routes
* Add tenant flag while re-registering routes
* Update determineContextFromRequest condition (wip)
* Fix code style (php-cs-fixer)
* Update the middleware context logic so that universal routes have to be flagged as tenant instead of just having ID MW
* Update path identification condition
* Fix re-registering the LW localized route (add 'tenant' MW)
* Update docblock
* Simplify LW route re-registration
* Add comment
* Update comment
* Simplify determineContextFromRequest, add comment
* Improve stub
* Add skipRoute method + test
* Fix typo
* Update assets/TenancyServiceProvider.stub.php
* Update src/Concerns/DealsWithEarlyIdentification.php
* Fix typo
Co-authored-by: Samuel Štancl <samuel.stancl@gmail.com>
* Improve comment
* Update test structure
* Restructure Fortify test
* code style
* Fix typo
* Update ReregisterUniversalRoutes annotation
* Only prefix route name if it wasn't already prefixed
* Add todo@docs
* Delete `Tenancy::$kernelAccessPreventionSkipped` and related logic
* Delete test tenant cleanup
* Test MW group unpacking, restructure and improve test
* Test that tenancy isn't initialized after visiting a central route with the tenant parameter
* Delete "in both central and tenant contexts" from test names
* Test that re-registering works with controllers too
* Set misc route properties during re-registering
* Determine context instead of guessing, update universal route tests
* Use randomly generated tenant ID instead of hardcoding `acme`
* Remove setting route validators
* Rename and update determine context method, add comments
* Update ForgetTenantParameter annotation
* Add comment
* Delete comment, delete variable assignment
* Update early domain identification test
* Improve domain identification tests (test defaulting accurately)
* Improve readability
* Simplify domain early ID test
* Use randomly generated tenant instead of 'acme'
* Simplify request data ID test, use random tenant instead of 'acme'
* Simplify defaulting domain identification test
* Use RouteFacade alias for the Route facade, improve test code
* Add defaulting to the request data and path ID tests
* Merge path identification tenant parameter removal tests, clean up
* Correct wording
Co-authored-by: Samuel Štancl <samuel.stancl@gmail.com>
* Delete debugging things from UniversalRouteTest
* Update annotation
* Add `// Creates a matrix`
* Improve comment wording
* Add MiddlewareUsableWithUniversalRoutes, refactor code accordingly
* Fix code style (php-cs-fixer)
* Delete debugging leftovers
* Delete unused import
* Update universal route GloballyUsable condition
* Don't implement the universal route interface in access prevention MW
* Check if request host is in the central domains in domain ID MW
* Test universal routes with domain identification without access prevent MW
* Test that universal routes work only with identification MW implementing the universal route interface
* Fix code style (php-cs-fixer)
* Rename GloballyUsable to UsableWithEarlyIdentification
* Fix annotation
* Update requestHasTenant annotations
* Update comment
* Add `with()` comments
* Add with() comments where missing
* Rename interface, update/add comments
* Rename exception, update its default message
* Fix code style (php-cs-fixer)
* Fix interface name
* Delete redundant code from subdomain ID MW
* Change domainOrSubdomain ID MW so that instead of passing the identification to other MWs, it happens in the domainOrSubdomain MW
* Test domainOrSubdomain identification with universal routes
* Fix code style (php-cs-fixer)
* Rename universal routes interface
* Fix code style (php-cs-fixer)
* Try explaining forgetting the tenant parameter better
* update interface name reference
* uncouple example from query parameters
* Update ForgetTenantParameter.php
* Update ForgetTenantParameter annotation
* Check both routeHasMiddleware and routeHasIdentificationMiddleware in the route MW detection test
* Hardcode tenant subdomain
* Delete redundant event listening code
* Delete unused imports
* Delete misuse of `tenancy()->getMiddlewareContext()` from conditions
* Delete unused variable
* Update comment
* Correct request data identification test (defaulting)
* Fix defaulting in path id test
* Move default route context configuration in domian id test
* Rename and update the tenant parameter test
* Delete extra tenant parameter test
* Use `tenant-domain.test` instead of `127.0.0.2`
* Add `default_to_universal_routes` config key
* Deal with defaulting to universal routes in the reregistering action
* Update logic to make defaulting to universal routes possible
* Test defaulting to universal routes
* Fix code style (php-cs-fixer)
* Delete extra tests
* Delete "without access prevention" from datasets
* Add defaulting to universal routes to datasets
* Override universal flag by central/tenant flag
* Add universal flag overriding test
* Update "a route can be universal in both route modes" so that the name corresponds with the tested thing
* Ignore the PHPStan error
* Reset `InitializeTenancyByPath::$onFail` in PathIdentificationTest
* Simplify expression
* Use 'Tenancy (not) initialized.' in instead of `tenant()?->getTenantKey()` for better assertions
* Properly test removing tenant parameter
* Reset static properties in tests
* Correct comments in EarlyIdentificationTest
* Add comment
* Add detail to annotation
* Throw exception if payload isn't string or null in request data ID MW
* Fix code style (php-cs-fixer)
* Delete static `$kernelIdentificationSkipped` property, use `$request->attributes` instead
* Use 'default_route_mode' instead of 'default_to_tenant/universal_routes'
* Fix code style (php-cs-fixer)
* Make path identification MW, tenantParameterName and tenantRouteNamePrefix configurable in ReregisterUniversalRoutes
* Delete unused import
* Add `$passTenantParameterToRoute` to TenancyUrlGenerator
* Use `$passTenantParameterToRoute` in BootstrapperTest
* Bypass tenant parameter passing
* Improve TenancyUrlGenerator so that both ID methods work
* Fix code style (php-cs-fixer)
* Improve TenancyUrlGenerator readability
* Add modifyBehavior() to TenancyUrlGenerator
* Fix code style (php-cs-fixer)
* Improve comment
* Toggle route name prefixing in path/request data ID MW (route-level identification)
* Fix code style (php-cs-fixer)
* Add path identification MW config key, add `getTenantParameterName()` to ForgetTenantParameter
* Fix code style (php-cs-fixer)
* Fix modifyBehavior and routeBehaviorModificationBypassed
* Add type to `$parameters` parameter
* Split modifyBehavior into two methods, don't pass name and parameters by reference
* Update UrlBindingBootstrapper annotation
* Correct naming in tests (request data -> query string identification)
* Add info to annotation
* Pass arrays to the behavior modification methods instead of `mixed`
* Fix default value of static property in Fortify bootstrapper
* Fix code style (php-cs-fixer)
* Correct annotation
* Enable prefixing routes directly using path identification MW
* Test re-registration of routes with path ID MW
* Prefix names of routes directly using path ID MW
* Fix code style (php-cs-fixer)
* Add Livewire v3 integration example to TSP stub
* Prefix route name only if it's not prefixed already
* Rename ReregisterUniversalRoutes to ReregisterRoutesAsTenant
* Fix code style (php-cs-fixer)
* Improve ReregisterRoutesAsTenant
* Add/update TenancyUrlGenerator docblocks
* Update action name in comments/test names
* Update reregister action annotation
* Delete unused imports
* Improve comments
* Make method protected
* Improve TenancyUrlGenerator code
* Test bypass parameter removal
* Fix comment
* Update annotation
* Improve shouldReregisterRoute
* Fix typo, delete redundant comment
* Improve skipRoute
* Improve shouldBeSkipped
* Add and test `$passTenantParameterToRoutes`
* add a comment
* Fix typo in comment
* Pass array as $parameters in prepareRouteInputs
* Make path_identification_middleware an array
* Fix code style (php-cs-fixer)
* Fix ReregisterRouteAsTenant
* Move tenantParameterName and tenantRouteNamePrefix getting to PathIdentificationManager
* Make PathIdentificationManager properties `Closure|null`
* Fix code style (php-cs-fixer)
* Fix PathIdentificationManager
* Update comments
* Use foreach for dataset definition
* Extract repetitive inGlobalStack and routeHasMiddleware calls
* Refactor PathIdentificationManager
* Update TenancyUrlGenerator annotation
* Add $skippedRoutes, refactor ReregisterRoutesAsTenant
* Improve reregisterRoute
* Update re-register action annotation
* update test name
* Make PathIdentificationManager methods static again, update comments
* Add test comment
* Update ForgetTenantParameter annotation
* Improve route re-registration condition, add comment
* Change "re-register" to "clone"
* minor code improvements
---------
Co-authored-by: lukinovec <lukinovec@gmail.com>
Co-authored-by: Samuel Štancl <samuel.stancl@gmail.com>
Co-authored-by: PHP CS Fixer <phpcsfixer@example.com>
