rls_multi_tenant 0.2.6 → 0.2.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +22 -0
- data/lib/rls_multi_tenant/generators/install/templates/rls_multi_tenant.rb +5 -0
- data/lib/rls_multi_tenant/middleware/subdomain_tenant_selector.rb +9 -2
- data/lib/rls_multi_tenant/version.rb +1 -1
- data/lib/rls_multi_tenant.rb +6 -1
- metadata +1 -2
- data/lib/rls_multi_tenant/rls_multi_tenant.rb +0 -55
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 50eff8f3ced091cac7b277aff79cfd435a0ce0701ee2ca3ca7163d57e6792406
|
|
4
|
+
data.tar.gz: 7739392cf8b866e5d6e86ccebeeccb3a3e913b7efbccf89a4441d79dfbc93f84
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a8c6c0d9323251de3b6bc8321cb8bae781ae8248ea37dd9cf643aa7e4e0441234c42084d7391dcd73d4735e20080c27025969359e5dfe1c9f0bea0d30e5aa34d
|
|
7
|
+
data.tar.gz: 7788deda9e7deb6c49e7fd9359cfb06e648044c48d78ac9e1823b3cf91eb0deff90db6d95e94f2433adc726b0d6fd924b822958cab0c7882da0667d7af606def
|
data/README.md
CHANGED
|
@@ -99,6 +99,7 @@ bundle install
|
|
|
99
99
|
config.enable_security_validation = true # Enable security checks (prevents running with superuser privileges)
|
|
100
100
|
config.enable_subdomain_middleware = true # Enable subdomain-based tenant switching (default: true)
|
|
101
101
|
config.subdomain_field = :subdomain # Field to use for subdomain matching (default: :subdomain)
|
|
102
|
+
config.excluded_subdomains = ['www'] # Subdomains to exclude from tenant lookup (default: ['www'])
|
|
102
103
|
end
|
|
103
104
|
```
|
|
104
105
|
3. **Setup the tenant model and migrations:**
|
|
@@ -172,6 +173,27 @@ tenant2 = Tenant.create!(name: "Company B", subdomain: "company-b")
|
|
|
172
173
|
# Users visiting yourdomain.com (no subdomain) will have no tenant context
|
|
173
174
|
```
|
|
174
175
|
|
|
176
|
+
**Excluded Subdomains:**
|
|
177
|
+
|
|
178
|
+
You can configure subdomains that should be excluded from tenant lookup and treated as public access (no tenant context). By default, `www` is excluded.
|
|
179
|
+
|
|
180
|
+
```ruby
|
|
181
|
+
RlsMultiTenant.configure do |config|
|
|
182
|
+
# Exclude multiple subdomains from tenant lookup
|
|
183
|
+
config.excluded_subdomains = ['www', 'admin', 'api']
|
|
184
|
+
end
|
|
185
|
+
```
|
|
186
|
+
|
|
187
|
+
When a request comes from an excluded subdomain (e.g., `www.yourdomain.com`), the middleware will:
|
|
188
|
+
- Skip tenant lookup
|
|
189
|
+
- Treat the request as public access (no tenant context)
|
|
190
|
+
- Not raise an error for missing tenant
|
|
191
|
+
|
|
192
|
+
This is useful for:
|
|
193
|
+
- Main website access (`www`)
|
|
194
|
+
- Admin panels that shouldn't be tenant-scoped
|
|
195
|
+
- API endpoints that need public access
|
|
196
|
+
|
|
175
197
|
### Public Access (Non-Tenanted Models)
|
|
176
198
|
|
|
177
199
|
Models that don't include `RlsMultiTenant::Concerns::TenantContext` are automatically treated as public models and can be accessed without tenant context. This provides a secure, explicit way to separate tenant-specific and public models.
|
|
@@ -16,4 +16,9 @@ RlsMultiTenant.configure do |config|
|
|
|
16
16
|
# Configure the field to use for subdomain matching (default: :subdomain)
|
|
17
17
|
# This should be a field on your tenant model that contains the subdomain
|
|
18
18
|
config.subdomain_field = :subdomain
|
|
19
|
+
|
|
20
|
+
# Configure excluded subdomains (default: ['www'])
|
|
21
|
+
# Subdomains in this list will be treated as if they were nil (public access)
|
|
22
|
+
# Example: ['www', 'admin', 'api'] - these subdomains won't trigger tenant lookup
|
|
23
|
+
config.excluded_subdomains = ['www']
|
|
19
24
|
end
|
|
@@ -30,7 +30,7 @@ module RlsMultiTenant
|
|
|
30
30
|
def handle_no_tenant_request(env, request)
|
|
31
31
|
subdomain = extract_subdomain(request.host)
|
|
32
32
|
|
|
33
|
-
if subdomain.present? && subdomain
|
|
33
|
+
if subdomain.present? && !excluded_subdomain?(subdomain)
|
|
34
34
|
handle_missing_tenant_error(request, subdomain)
|
|
35
35
|
else
|
|
36
36
|
handle_public_access(request)
|
|
@@ -64,7 +64,7 @@ module RlsMultiTenant
|
|
|
64
64
|
|
|
65
65
|
def resolve_tenant_from_subdomain(request)
|
|
66
66
|
subdomain = extract_subdomain(request.host)
|
|
67
|
-
return nil if subdomain.blank? || subdomain
|
|
67
|
+
return nil if subdomain.blank? || excluded_subdomain?(subdomain)
|
|
68
68
|
|
|
69
69
|
# Look up tenant by subdomain only
|
|
70
70
|
tenant_class = RlsMultiTenant.tenant_class
|
|
@@ -101,6 +101,13 @@ module RlsMultiTenant
|
|
|
101
101
|
def ip_host?(host)
|
|
102
102
|
!/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/.match(host).nil?
|
|
103
103
|
end
|
|
104
|
+
|
|
105
|
+
def excluded_subdomain?(subdomain)
|
|
106
|
+
return false if subdomain.blank?
|
|
107
|
+
|
|
108
|
+
excluded = RlsMultiTenant.excluded_subdomains
|
|
109
|
+
excluded.is_a?(Array) && excluded.include?(subdomain.to_s.downcase)
|
|
110
|
+
end
|
|
104
111
|
end
|
|
105
112
|
end
|
|
106
113
|
end
|
data/lib/rls_multi_tenant.rb
CHANGED
|
@@ -17,7 +17,7 @@ module RlsMultiTenant
|
|
|
17
17
|
# Configuration options
|
|
18
18
|
class << self
|
|
19
19
|
attr_writer :tenant_class_name, :tenant_id_column, :enable_security_validation, :enable_subdomain_middleware,
|
|
20
|
-
:subdomain_field
|
|
20
|
+
:subdomain_field, :excluded_subdomains
|
|
21
21
|
|
|
22
22
|
def configure
|
|
23
23
|
yield self
|
|
@@ -46,6 +46,10 @@ module RlsMultiTenant
|
|
|
46
46
|
def subdomain_field
|
|
47
47
|
@subdomain_field ||= :subdomain
|
|
48
48
|
end
|
|
49
|
+
|
|
50
|
+
def excluded_subdomains
|
|
51
|
+
@excluded_subdomains ||= ['www']
|
|
52
|
+
end
|
|
49
53
|
end
|
|
50
54
|
|
|
51
55
|
# Default configuration
|
|
@@ -54,4 +58,5 @@ module RlsMultiTenant
|
|
|
54
58
|
self.enable_security_validation = true
|
|
55
59
|
self.enable_subdomain_middleware = true
|
|
56
60
|
self.subdomain_field = :subdomain
|
|
61
|
+
self.excluded_subdomains = ['www']
|
|
57
62
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rls_multi_tenant
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Coding Ways
|
|
@@ -177,7 +177,6 @@ files:
|
|
|
177
177
|
- lib/rls_multi_tenant/middleware/subdomain_tenant_selector.rb
|
|
178
178
|
- lib/rls_multi_tenant/railtie.rb
|
|
179
179
|
- lib/rls_multi_tenant/rls_helper.rb
|
|
180
|
-
- lib/rls_multi_tenant/rls_multi_tenant.rb
|
|
181
180
|
- lib/rls_multi_tenant/security_validator.rb
|
|
182
181
|
- lib/rls_multi_tenant/version.rb
|
|
183
182
|
- rls_multi_tenant.gemspec
|
|
@@ -1,55 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
require 'rls_multi_tenant/version'
|
|
4
|
-
require 'rls_multi_tenant/concerns/multi_tenant'
|
|
5
|
-
require 'rls_multi_tenant/concerns/tenant_context'
|
|
6
|
-
require 'rls_multi_tenant/security_validator'
|
|
7
|
-
require 'rls_multi_tenant/rls_helper'
|
|
8
|
-
require 'rls_multi_tenant/railtie' if defined?(Rails)
|
|
9
|
-
|
|
10
|
-
module RlsMultiTenant
|
|
11
|
-
class Error < StandardError; end
|
|
12
|
-
class ConfigurationError < Error; end
|
|
13
|
-
class SecurityError < Error; end
|
|
14
|
-
|
|
15
|
-
# Configuration options
|
|
16
|
-
class << self
|
|
17
|
-
attr_writer :tenant_class_name, :tenant_id_column, :enable_security_validation, :enable_subdomain_middleware,
|
|
18
|
-
:subdomain_field
|
|
19
|
-
|
|
20
|
-
def configure
|
|
21
|
-
yield self
|
|
22
|
-
end
|
|
23
|
-
|
|
24
|
-
def tenant_class_name
|
|
25
|
-
@tenant_class_name ||= 'Tenant'
|
|
26
|
-
end
|
|
27
|
-
|
|
28
|
-
def tenant_class
|
|
29
|
-
@tenant_class ||= tenant_class_name.constantize
|
|
30
|
-
end
|
|
31
|
-
|
|
32
|
-
def tenant_id_column
|
|
33
|
-
@tenant_id_column ||= :tenant_id
|
|
34
|
-
end
|
|
35
|
-
|
|
36
|
-
def enable_security_validation
|
|
37
|
-
@enable_security_validation.nil? || @enable_security_validation
|
|
38
|
-
end
|
|
39
|
-
|
|
40
|
-
def enable_subdomain_middleware
|
|
41
|
-
@enable_subdomain_middleware.nil? ? false : @enable_subdomain_middleware
|
|
42
|
-
end
|
|
43
|
-
|
|
44
|
-
def subdomain_field
|
|
45
|
-
@subdomain_field ||= :subdomain
|
|
46
|
-
end
|
|
47
|
-
end
|
|
48
|
-
|
|
49
|
-
# Default configuration
|
|
50
|
-
self.tenant_class_name = 'Tenant'
|
|
51
|
-
self.tenant_id_column = :tenant_id
|
|
52
|
-
self.enable_security_validation = true
|
|
53
|
-
self.enable_subdomain_middleware = true
|
|
54
|
-
self.subdomain_field = :subdomain
|
|
55
|
-
end
|