ahmido
a989ef1a23
Implements specs 070–072 (workspace foundation, workspace-scoped tenant selection, managed-tenants workspace enforcement).
Highlights
- Adds Workspace + WorkspaceMembership models/migrations + middleware to persist/enforce current workspace context.
- Scopes tenant selection to the current workspace.
- Makes legacy `/admin/managed-tenants*` routes redirect into workspace-scoped URLs.
- Enforces tenant routes under `/admin/t/{tenant}` to 404 when workspace context is missing or mismatched.
- Fixes Filament page Blade wrappers so header actions render on choose-workspace / choose-tenant / no-access pages.
Verification
- Pint: `vendor/bin/sail bin pint --dirty`
- Tests: `vendor/bin/sail artisan test --compact tests/Feature/Guards/NoAdHocFilamentAuthPatternsTest.php tests/Feature/Workspaces tests/Feature/Filament/ChooseTenantIsWorkspaceScopedTest.php tests/Feature/Filament/ChooseTenantRequiresWorkspaceTest.php tests/Feature/Filament/TenantSwitcherUrlResolvesTenantTest.php tests/Feature/ManagedTenants tests/Feature/AdminNewRedirectTest.php`
Notes
- Filament v5 / Livewire v4 compatible.
- Panel provider registration stays in `bootstrap/providers.php` (Laravel 11+ rule).
- No new heavy frontend assets added.
Co-authored-by: Ahmed Darrazi <ahmeddarrazi@MacBookPro.fritz.box>
Reviewed-on: #85
134 lines
4.3 KiB
PHP
134 lines
4.3 KiB
PHP
<?php
|
|
|
|
namespace App\Support\Workspaces;
|
|
|
|
use App\Models\User;
|
|
use App\Models\Workspace;
|
|
use App\Models\WorkspaceMembership;
|
|
use Illuminate\Http\Request;
|
|
|
|
final class WorkspaceContext
|
|
{
|
|
public const SESSION_KEY = 'current_workspace_id';
|
|
|
|
public function __construct(private WorkspaceResolver $resolver) {}
|
|
|
|
public function currentWorkspaceId(?Request $request = null): ?int
|
|
{
|
|
$session = ($request && $request->hasSession()) ? $request->session() : session();
|
|
|
|
$id = $session->get(self::SESSION_KEY);
|
|
|
|
return is_int($id) ? $id : (is_numeric($id) ? (int) $id : null);
|
|
}
|
|
|
|
public function currentWorkspace(?Request $request = null): ?Workspace
|
|
{
|
|
$id = $this->currentWorkspaceId($request);
|
|
|
|
if (! $id) {
|
|
return null;
|
|
}
|
|
|
|
$workspace = Workspace::query()->whereKey($id)->first();
|
|
|
|
if (! $workspace) {
|
|
return null;
|
|
}
|
|
|
|
if (! $this->isWorkspaceSelectable($workspace)) {
|
|
return null;
|
|
}
|
|
|
|
return $workspace;
|
|
}
|
|
|
|
public function setCurrentWorkspace(Workspace $workspace, ?User $user = null, ?Request $request = null): void
|
|
{
|
|
$session = ($request && $request->hasSession()) ? $request->session() : session();
|
|
$session->put(self::SESSION_KEY, (int) $workspace->getKey());
|
|
|
|
if ($user !== null) {
|
|
$user->forceFill(['last_workspace_id' => (int) $workspace->getKey()])->save();
|
|
}
|
|
}
|
|
|
|
public function clearCurrentWorkspace(?User $user = null, ?Request $request = null): void
|
|
{
|
|
$session = ($request && $request->hasSession()) ? $request->session() : session();
|
|
$session->forget(self::SESSION_KEY);
|
|
|
|
if ($user !== null && $user->last_workspace_id !== null) {
|
|
$user->forceFill(['last_workspace_id' => null])->save();
|
|
}
|
|
}
|
|
|
|
public function resolveInitialWorkspaceFor(User $user, ?Request $request = null): ?Workspace
|
|
{
|
|
$session = ($request && $request->hasSession()) ? $request->session() : session();
|
|
|
|
$currentId = $this->currentWorkspaceId($request);
|
|
|
|
if ($currentId) {
|
|
$current = Workspace::query()->whereKey($currentId)->first();
|
|
|
|
if (! $current instanceof Workspace || ! $this->isWorkspaceSelectable($current) || ! $this->isMember($user, $current)) {
|
|
$session->forget(self::SESSION_KEY);
|
|
|
|
if ((int) $user->last_workspace_id === (int) $currentId) {
|
|
$user->forceFill(['last_workspace_id' => null])->save();
|
|
}
|
|
} else {
|
|
return $current;
|
|
}
|
|
}
|
|
|
|
if ($user->last_workspace_id !== null) {
|
|
$workspace = Workspace::query()->whereKey($user->last_workspace_id)->first();
|
|
|
|
if (! $workspace instanceof Workspace || ! $this->isWorkspaceSelectable($workspace) || ! $this->isMember($user, $workspace)) {
|
|
$user->forceFill(['last_workspace_id' => null])->save();
|
|
} else {
|
|
$session->put(self::SESSION_KEY, (int) $workspace->getKey());
|
|
|
|
return $workspace;
|
|
}
|
|
}
|
|
|
|
$memberships = WorkspaceMembership::query()
|
|
->where('user_id', $user->getKey())
|
|
->with('workspace')
|
|
->get();
|
|
|
|
$selectableWorkspaces = $memberships
|
|
->map(fn (WorkspaceMembership $membership) => $membership->workspace)
|
|
->filter(fn (?Workspace $workspace) => $workspace instanceof Workspace && $this->isWorkspaceSelectable($workspace))
|
|
->values();
|
|
|
|
if ($selectableWorkspaces->count() === 1) {
|
|
/** @var Workspace $workspace */
|
|
$workspace = $selectableWorkspaces->first();
|
|
|
|
$session->put(self::SESSION_KEY, (int) $workspace->getKey());
|
|
$user->forceFill(['last_workspace_id' => (int) $workspace->getKey()])->save();
|
|
|
|
return $workspace;
|
|
}
|
|
|
|
return null;
|
|
}
|
|
|
|
public function isMember(User $user, Workspace $workspace): bool
|
|
{
|
|
return WorkspaceMembership::query()
|
|
->where('user_id', $user->getKey())
|
|
->where('workspace_id', $workspace->getKey())
|
|
->exists();
|
|
}
|
|
|
|
private function isWorkspaceSelectable(Workspace $workspace): bool
|
|
{
|
|
return empty($workspace->archived_at);
|
|
}
|
|
}
|