-
Hi, The bottom line is:
In laravel-multitenancy I use separate databases for landlord and tenants. When I check permissions in my UserPolicy of the tenant the function HasPermissions::getAllPermissions() correctly uses the tenant database, while HasPermissions::hasPermissionTo() and subsequently also $user->can() incorrectly uses the landlord database and refuses to grant access. I'm not sure if this is an laravel-multitenancy or laravel-permission issue, therefore the pointer. Thanks in advance for any hints, how I could solve the issue! |
Beta Was this translation helpful? Give feedback.
Replies: 3 comments 3 replies
-
I think it'd be helpful to have access to actual source code in order to sort this out. (run xdebug, trace things through, etc). Ideally a simple new repo with a simple app that demonstrates this problem would be best, and doesn't expose any proprietary project logic etc. That would also let us add some specific tests as well. But if it's easier for you to privately share the entire code base project, you can zip it and upload it to me via dropbox. I'll stage it locally for debugging, and destroy all copies when done. Here's a dropbox upload folder: https://www.dropbox.com/request/xmpVVZNeMGFuv1nWobwz |
Beta Was this translation helpful? Give feedback.
-
I was able to get around this issue by overwriting the I don't use the mutitenancy package, so treat this example below as pseudocode. I looked into your example project and the multitenancy documentation briefly, but I haven't tested this at all. It's using the User.php: public function roles(): BelongsToMany
{
$relation = $this->setConnection($this->getConnectionName())->morphToMany(
config('permission.models.role'),
'model',
config('permission.table_names.model_has_roles'),
config('permission.column_names.model_morph_key'),
app(PermissionRegistrar::class)->pivotRole
);
...
}
public function permissions(): BelongsToMany
{
$relation = $this->setConnection($this->getConnectionName())->morphToMany(
config('permission.models.permission'),
'model',
config('permission.table_names.model_has_permissions'),
config('permission.column_names.model_morph_key'),
app(PermissionRegistrar::class)->pivotPermission
);
...
} Again... Not ideal, but could help you in the short term. |
Beta Was this translation helpful? Give feedback.
-
Problem: Solution (at least for my case):
Note: if the default DB-connection is not the landlord connection it might be necessary to take care of this as well. In my case the default is landlord and the default settings of the permission config (use the Models of the package) work fine for the landlord. |
Beta Was this translation helpful? Give feedback.
Problem:
laravel-multitenancy supports to have separate databases for the landlord and each of the tenants. It also provides tasks that can be run when switching to/from a tenant in order to set the database connection and other configs as needed. In my case the database switching was done correctly and the User model was aware which database connection (the tenant one) to use. This is done by using the UsesTenantConnection trait.
The User model also uses the HasRoles trait of laravel-permission, which itself uses the HasPermissions trait. HasPermissions provides the hasPermissionTo function, which is used to check if a user has a certain permission. The inner workings of this function ig…