multi tenant support by default

scriptPilot · scriptPilot · commit a45580b69618 · 2024-03-03T20:34:19.000+01:00
closes #11
diff --git a/src/templates/public/api.php b/src/templates/public/api.php
@@ -1,44 +1,58 @@
 <?php
 
-// Dependencies
+// Import dependencies
 use Tqdev\PhpCrudApi\Api;
 use Tqdev\PhpCrudApi\Config\Config;
 use Tqdev\PhpCrudApi\RequestFactory;
 use Tqdev\PhpCrudApi\ResponseUtils;
 require('vendor/autoload.php');
 
-// Credentials
+// Import and define credentials
 @include('credentials.php');
 @define('MYSQL_HOST', 'mysql');
 @define('MYSQL_DATABASE', 'development');
 @define('MYSQL_USERNAME', 'root');
 @define('MYSQL_PASSWORD', 'root');
 
-// User ID
-session_start();
-define('USERID', isset($_SESSION['user']['id']) ? $_SESSION['user']['id'] : 0);
-
 // Configuration
 $config = new Config([
 
-    // Debug Mode
+    // Debug mode
     'debug' => MYSQL_DATABASE === 'development',
 
-    // Database Credentials
+    // Credentials
     'address' => MYSQL_HOST,
     'database' => MYSQL_DATABASE,
     'username' => MYSQL_USERNAME,
     'password' => MYSQL_PASSWORD,
 
-    // Database Authentication
-    'middlewares' => 'dbAuth,authorization',
+    // Middlewares
+    'middlewares' => 'dbAuth,authorization,multiTenancy',
+
+    // Database authentication
     'dbAuth.mode' => 'optional',
     'dbAuth.registerUser' => '1',
+    'dbAuth.passwordLength' => '3',
+
+    // Database Authorization
     'authorization.tableHandler' => function ($operation, $tableName) {    
+
+        // No access to the users table
         if ($tableName === 'users') return false;
+
+        // Access to all other tables
         return true;
-    }
-    
+
+    },
+
+    // Multi Tenancy
+    'multiTenancy.handler' => function ($operation, $tableName) {
+
+      // For all tables, limit access to the current user
+      return ['userId' => $_SESSION['user']['id'] ?? 0];
+
+    },    
+
 ]);
 
 // Initialization
diff --git a/src/templates/schema.sql b/src/templates/schema.sql
@@ -1,11 +1,12 @@
 CREATE TABLE IF NOT EXISTS `users` (
-  `id` INTEGER(4) NOT NULL PRIMARY KEY AUTO_INCREMENT,
+  `id` INTEGER(8) NOT NULL PRIMARY KEY AUTO_INCREMENT,
   `username` VARCHAR(255) NOT NULL,
   `password` VARCHAR(255) NOT NULL
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
 
 CREATE TABLE IF NOT EXISTS `tasks` (
-  `id` INTEGER(4) NOT NULL PRIMARY KEY AUTO_INCREMENT,
-  `title` VARCHAR(255) NOT NULL,
+  `id` INTEGER(8) NOT NULL PRIMARY KEY AUTO_INCREMENT,
+  `userId` INTEGER(8) NOT NULL DEFAULT 0,
+  `title` VARCHAR(255) NOT NULL DEFAULT "",
   `done` TINYINT(1) NOT NULL DEFAULT 0
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;
diff --git a/src/templates/testdata.sql b/src/templates/testdata.sql
@@ -1,5 +1,2 @@
-INSERT IGNORE INTO `users` (`id`, `username`, `password`)
-VALUES (1, "root", "cm9vdA==");
-
 INSERT IGNORE INTO `tasks` (`id`, `title`, `done`)
 VALUES (1, "First Task", 1), (2, "Second Task", 0), (3, "Third Task", 1);
