[4x] Delete redundant universal route check from prevent access MW #1427
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The PreventAcessFromUnwantedDomains MW had the routeIsUniversal check either for returning early, or it was a leftover from some older implementation.
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## master #1427 +/- ##
=========================================
Coverage 85.92% 85.92%
+ Complexity 1147 1146 -1
=========================================
Files 184 184
Lines 3360 3360
=========================================
Hits 2887 2887
Misses 473 473 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
lukinovec
commented
Dec 29, 2025
|
|
||
| /** | ||
| * Prevents accessing central domains in the tenant context/tenant domains in the central context. | ||
| * The access isn't prevented if the request is trying to access a route flagged as 'universal', |
Contributor
Author
There was a problem hiding this comment.
Keeping the docblock like this may be a bit confusing because now, skipping this MW for universal routes is not as explicit. Instead of the explicit condition, this is implied (if ($this->accessingTenantRouteFromCentralDomain || $this->accessingCentralRouteFromTenantDomain) $abortRequest($request, $next) -- the abort only happens for central or tenant routes, never universal).
So maybe I'd rephrase this a bit
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The PreventAcessFromUnwantedDomains MW had the
tenancy()->routeIsUniversal($route)check either for returning early, or it was a leftover from some older implementation, so I removed it.The middleware aborts if the
$this->accessingTenantRouteFromCentralDomain($request, $route) || $this->accessingCentralRouteFromTenantDomain($request, $route)check passes. Meaning, for the middleware to abort, the route has to be either in central or tenant mode. When the route is in universal mode, the middleware will never reachreturn $abortRequest().return $next($request)will always get reached, even when the|| tenancy()->routeIsUniversal($route)check is deleted from the previous condition, so that check was basically useless.Resolves #1418