mirror of
https://github.com/archtechx/tenancy.git
synced 2026-02-05 18:14:04 +00:00
eecf6f21c8
* Run cache tests on all supported drivers * update ci healthcheck for memcached * remove memcached healthcheck * fix typos in test comments, expand internal.md [ci skip] * add empty line [ci skip] * switch to using $store->setPrefix() * add dynamodb * refactor try-finally to try-catch * remove unnecessary clearResolvedInstances() call * add dual Cache:: and cache() assertions * add apc * Flush APCu cache in test setup * Revert "add dual Cache:: and cache() assertions" This reverts commit a0bab162fbe2dd0d25e7056ceca4fb7ce54efc77. * phpstan fix * Add logic for scoping 'file' disks to FilesystemTenancyBootstrapper * minor changes, add todos * refactor how the session.connection is used in the DB session bootstrapper * add session forgery prevention logic to the db session bootstrapper * only use the fs bootstrapper for file disk in 'cache data is separated' dataset * minor session scoping test changes * Add session scoping logic to FilesystemTenancyBootstrapper, correctly update disk roots even with storage_path_tenancy disabled * Fix code style (php-cs-fixer) * update docblock * make not-null check more explicit * separate bootstrapper tests, fix swapped test names for two tests * refactor cache bootstrapper tests * resolve global cache todo * expand tests: session separation tests, more filesystem separation assertions; change prefix_base-type config keys to templates/formats * add apc session scoping test, various session separation bugfixes * phpstan + minor logic fixes * prefix_format -> prefix * fix database session separation test * revert composer.json changes, update laravel dependencies to expected next release * only run session scoping logic in cache bootstrapper for redis, memcached, dynamodb, apc; update gitattributes * tenancy.central_domains -> tenancy.identification.central_domains * db session separation test: add datasets --------- Co-authored-by: PHP CS Fixer <phpcsfixer@example.com>
82 lines
3 KiB
PHP
82 lines
3 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace Stancl\Tenancy\Bootstrappers;
|
|
|
|
use Illuminate\Config\Repository;
|
|
use Illuminate\Contracts\Container\Container;
|
|
use Illuminate\Session\DatabaseSessionHandler;
|
|
use Illuminate\Session\SessionManager;
|
|
use Stancl\Tenancy\Contracts\TenancyBootstrapper;
|
|
use Stancl\Tenancy\Contracts\Tenant;
|
|
|
|
/**
|
|
* This resets the database connection used by the database session driver.
|
|
*
|
|
* It also includes a mechanism to prevent session forgery when SESSION_CONNECTION is specified.
|
|
*
|
|
* It runs each time tenancy is initialized or ended.
|
|
* That way the session driver always uses the current DB connection.
|
|
*/
|
|
class DatabaseSessionBootstrapper implements TenancyBootstrapper
|
|
{
|
|
public function __construct(
|
|
protected Repository $config,
|
|
protected Container $container,
|
|
protected SessionManager $session,
|
|
) {}
|
|
|
|
protected string|null $originalConnection = null;
|
|
|
|
public function bootstrap(Tenant $tenant): void
|
|
{
|
|
$this->originalConnection = $this->config->get('session.connection');
|
|
|
|
if ($this->config->get('session.driver') === 'database') {
|
|
// At first, this bootstrapper runs before the StartSession middleware, so
|
|
// changing the session.connection here will affect what connection the session
|
|
// driver will use. This is helpful to override the SESSION_CONNECTION that might
|
|
// otherwise allow for session forgery in the tenant context.
|
|
$this->config->set('session.connection', 'tenant');
|
|
|
|
$this->resetDatabaseHandler('tenant');
|
|
}
|
|
}
|
|
|
|
public function revert(): void
|
|
{
|
|
if ($this->config->get('session.driver') === 'database') {
|
|
$connection = $this->originalConnection ?? config('tenancy.database.central_connection');
|
|
|
|
// When ending tenancy, this runs *before* the DatabaseTenancyBootstrapper, so DB tenancy
|
|
// is still bootstrapped. For that reason, we have to explicitly use the central connection
|
|
// instead of null for the default connection.
|
|
$this->config->set('session.connection', $connection);
|
|
$this->resetDatabaseHandler($connection);
|
|
}
|
|
}
|
|
|
|
protected function resetDatabaseHandler(string $connection): void
|
|
{
|
|
$sessionDrivers = $this->session->getDrivers();
|
|
|
|
if (isset($sessionDrivers['database'])) {
|
|
/** @var \Illuminate\Session\Store $databaseDriver */
|
|
$databaseDriver = $sessionDrivers['database'];
|
|
|
|
$databaseDriver->setHandler($this->createDatabaseHandler($connection));
|
|
}
|
|
}
|
|
|
|
protected function createDatabaseHandler(string $connection): DatabaseSessionHandler
|
|
{
|
|
// Based on SessionManager::createDatabaseDriver
|
|
return new DatabaseSessionHandler(
|
|
$this->container->make('db')->connection($connection),
|
|
$this->config->get('session.table'),
|
|
$this->config->get('session.lifetime'),
|
|
$this->container,
|
|
);
|
|
}
|
|
}
|