1. Remove the CreateTenantStorage job altogether since as the docblock
says the class should be redundant now that
FilesystemTenancyBootstrapper creates this path automatically when
storage_path suffixing is enabled
2. Remove docblock on the DeleteTenantStorage job - a class's docblock
should describe what it does, not how it handles edge cases. Here
the former isn't even necessary and the latter is well explained by
comments in the implementation.
3. Remove the CreateTenantStorage test following the class's removal,
the test would pass on its own even without the job with just
tenancy initialization as mentioned above.
4. Slightly improve the structure of the DeleteTenantStorage job and
deprecated listener
5. Improve deprecation notices so they include full steps for upgrading
to the new approach.
This PR fixes the URL override example in TenancyServiceProvider stub
(the commented `overrideUrlInTenantContext()` segment). If the tenant
doesn't have any domain, set the root URL back to the original one.
Also make all resource syncing-related listener closures static.
Also correct return type for getGlobalIdentifierKey to string|int.
(We intentionally do not support returning null like many other
"get x key" methods would since such a case might break resource
syncing logic. This is also why we use inline getAttribute() in the
creating listener instead of calling the method.)
Also move pivot record deletion to that listener and improve tests
The 'tenant pivot records are deleted along with the tenants to which
they belong to' test is failing in this commit -- the listener
for deleting mappings when a *tenant* is deleted is only implemented
in the next commit. The only change done here is to re-add FKs
(necessary for passing *in this commit* in that specific dataset
variant) that were removed from the default test migration as we now
have the DeleteResourceMapping listener that's enabled by default.
Recent Laravel installations often have http://localhost:8000 as
APP_URL, so we make sure to strip any port suffix from the default
central domain derived from APP_URL.
With the previous implementation, many users would use the default
config that enables scope_sessions. They would then deploy the app
to production and get the exception there since they use the
`database` session driver which is scoped by a different mechanism.
The idea behind throwing the exception only in prod was to make it
easy to use different setups locally without getting annoying
exceptions, while notifying users that a security feature they enabled
isn't running in production.
However, a better way of doing this is to just throw the exception
consistently in all setups and use a sane default for enabling the
scope_sessions setting based on the SESSION_DRIVER env var.
Users are always encouraged to read the session scoping docs to make
sure their session scoping configuration makes sense for their specific
setup, but this is a good balance for providing solid security out of
the box for most setups without requiring users to configure things
manually.
Remove comments about shouldBeQueued(true) being preferable in
production as that isn't necessarily true anymore with pending tenants
(or even the absence of any "optimizations", they're all optional).
Using queued tenant creation also requires some code changes in the
tenant onboarding logic, so it is misleading to imply that it's a
switch that should simply be turned on in production.
Add DatabaseCacheBootstrapper to config.php as it was missing there.
Remove note about MailConfigBootstrapper needing forceRefresh in the
QueueTenancyBootstrapper as we now use a non-persistent queue
bootstrapper by default.
The feature was pretty much a soft-bootstrapper -- it listened
to both Bootstrapped and Reverted. Bootstrappers have a few more
protections in terms of error handling and safe reverting, so there's
no point in (badly) re-implementing bootstrapper functionality within
TenantConfig just so it could be a Feature.
Going forward, all Features should be things that are mostly agnostic
of the tenant state, and especially they should not use bootstrapped/
reverted events. Bootstrappers are simply more appropriate and safe.
* UrlGenerator: set defaults based on config; request data: move config to config file+resolver
* Claude code adjustments
* improve request data tests, simplify complex test in UrlGeneratorBootstrapperTest
* url generator test: test changing tenant parameter name
* request data identification: add tenant_model_column configuration
* defaultParameterNames -> passQueryParameter
* move comment
* minor refactor in PathIdentificationTest, expand CLAUDE.md to include early identification section
* Fix COLOR_FLAG
* improve test name
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* TenancyUrlGenerator: add a check for queryParameterName being null
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Fix code style (php-cs-fixer)
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
* Add regression test for removing invalid symlinks
* Move commented RemoveStorageSymlinks job to the DeletingTenant pipeline (better default - the symlinks will be removed *before* deleting tenant storage)
* Remove symlink validity check from symlinkExists() (only check for the symlink's existence)
* Delete complete todo0
* Make the symlink assertions more explicit
* update test name
---------
Co-authored-by: Samuel Štancl <samuel@archte.ch>
* cleanup, resolve todos, add immediate todos
* Improve path_identification_middleware docblock
* rename leave() method in tests
* wip fix hardcoded values making assumptions about the parameters used in routing
* defaultParameterNames
* fix CreatesDatabaseUsers return values
* $tenant -> tenant()
* resolve more todos
* make comment block a complete block
* Correct useTenantRoutesInFortify(), delete unused import
* test fixes
* remove todos
* remove JobPipeline todo
* simplify comment example
* remove todo
* fix VERSION_PREFIX in queue.yml
---------
Co-authored-by: lukinovec <lukinovec@gmail.com>
* Make universal route logic part of tbe early ID trait
* Add requstHasTenant to prevent access MW, add todo@samuel
* Delete PathIdentificationManager, move the used methods appropriately
* Correct and refactor code related to the deleted PathIdentificationManager class
* Add docblock
* Fix code style (php-cs-fixer)
* refactor globalStackMiddleware()
* remove todos [ci skip]
* refactor routeMiddleware()
* revert bool assertions
* revert more changes
---------
Co-authored-by: PHP CS Fixer <phpcsfixer@example.com>
Co-authored-by: Samuel Štancl <samuel@archte.ch>
* Only retrieve domains if the relationship and the domains table exist (DomianTenantResolver)
* Resolve todo, add other todos
* Use constructor promotion in DeleteDomains
* Fix imports + domain deletion test
* Confirm that turning on resolver caching doesn't break the tests
* Fix Tenant model imports
* Fix code style (php-cs-fixer)
* remove runtime schema check
* temp: enable resolver cache
* make 'autoincrement ids are supported' pass
* disable resolver cache
---------
Co-authored-by: PHP CS Fixer <phpcsfixer@example.com>
Co-authored-by: Samuel Štancl <samuel.stancl@gmail.com>
Co-authored-by: Samuel Štancl <samuel@archte.ch>
* Run cache tests on all supported drivers
* update ci healthcheck for memcached
* remove memcached healthcheck
* fix typos in test comments, expand internal.md [ci skip]
* add empty line [ci skip]
* switch to using $store->setPrefix()
* add dynamodb
* refactor try-finally to try-catch
* remove unnecessary clearResolvedInstances() call
* add dual Cache:: and cache() assertions
* add apc
* Flush APCu cache in test setup
* Revert "add dual Cache:: and cache() assertions"
This reverts commit a0bab162fbe2dd0d25e7056ceca4fb7ce54efc77.
* phpstan fix
* Add logic for scoping 'file' disks to FilesystemTenancyBootstrapper
* minor changes, add todos
* refactor how the session.connection is used in the DB session bootstrapper
* add session forgery prevention logic to the db session bootstrapper
* only use the fs bootstrapper for file disk in 'cache data is separated' dataset
* minor session scoping test changes
* Add session scoping logic to FilesystemTenancyBootstrapper, correctly update disk roots even with storage_path_tenancy disabled
* Fix code style (php-cs-fixer)
* update docblock
* make not-null check more explicit
* separate bootstrapper tests, fix swapped test names for two tests
* refactor cache bootstrapper tests
* resolve global cache todo
* expand tests: session separation tests, more filesystem separation assertions; change prefix_base-type config keys to templates/formats
* add apc session scoping test, various session separation bugfixes
* phpstan + minor logic fixes
* prefix_format -> prefix
* fix database session separation test
* revert composer.json changes, update laravel dependencies to expected next release
* only run session scoping logic in cache bootstrapper for redis, memcached, dynamodb, apc; update gitattributes
* tenancy.central_domains -> tenancy.identification.central_domains
* db session separation test: add datasets
---------
Co-authored-by: PHP CS Fixer <phpcsfixer@example.com>
* resolver refactor
* Fix code style (php-cs-fixer)
* make tenant column used in PathTenantResolver configurable, fix phpstan errors, minor improvements
* support binding route fields, write tests for customizable tenant columns
* Invalidate cache for all possible columns in path resolver
* implement proper cache separation logic for different columns used by PathTenantResolver
* improve return type
---------
Co-authored-by: PHP CS Fixer <phpcsfixer@example.com>
* Add RandomHexGenerator, create new namespace
* phpstan ignore
* add base64 generator
* add note about base64 being case sensitive
* docblock updates
* replace old UUIDGenerator with a class that throws an exception
* replace base64 generator with a random string generator
* Fix namespace
* Fix code style (php-cs-fixer)
* add test for the deprecated uuid generator
* update comments
---------
Co-authored-by: PHP CS Fixer <phpcsfixer@example.com>
