c9cb3560ef
Spatie Permission cu teams (team_foreign_key=company_id, teams=true): - migrations create_permission_tables (model_has_roles cu company_id scope) - HasRoles trait pe User - ResolveTenant middleware setează permissions team_id la tenant.id - Seed: 7 roluri default per tenant (admin/manager/receptionist/mechanic/parts_manager/accountant/marketer) Module noi: - Leads (cereri): name, phone, car/model, source, UTM, status, budget, assigned_to, acțiune "Convertește" → creează automat Client + Deal - Deals (pipeline): client/vehicle, stage (8 stage-uri), price, source, lost_reason - Posts + Appointments: post_id (boxă), master_id, date+time_start+time_end, status, color - UserResource (tenant): CRUD users cu role/status/locale; canViewAny doar pentru admin Custom Filament page "Setări" (tenant): - Brand & contact (display_name, city, phone, email) - Localizare (limba RO/RU/EN, currency, theme color picker) - Servicii & tarif (labor_rate) - Liste configurabile (services, cars) — păstrate în companies.settings JSON Widgets dashboard: - Tenant: StatsOverview (Clienți, Mașini, Cereri noi, Deal-uri active, Programări azi) - Central: PlatformStats (Companii total/active/trial, Expiră în 7 zile) Seed extins demo PSauto: - 3 posturi (Pod 1/2/3 cu culori) - 2 lead-uri demo (Alex Grosu Telegram, Irina Cojocaru WhatsApp) - 3 deal-uri demo (BMW done, Audi in_work, Porsche agree) - 2 programări (azi + mâine) Filament v5 fixes: - $navigationGroup type → string|UnitEnum|null (parent stricter signature) - Toate resources noi au tipurile corecte
76 lines
2.6 KiB
PHP
76 lines
2.6 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Middleware;
|
|
|
|
use App\Models\Central\Company;
|
|
use App\Tenancy\TenantManager;
|
|
use Closure;
|
|
use Illuminate\Http\Request;
|
|
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
|
|
|
|
/**
|
|
* Reads the request Host, extracts the tenant slug (subdomain of CENTRAL_DOMAIN),
|
|
* loads the matching Company and stores it in the TenantManager singleton.
|
|
*
|
|
* Examples (CENTRAL_DOMAIN=service.mir.md):
|
|
* psauto.service.mir.md → slug="psauto"
|
|
* service.mir.md → no tenant (central context)
|
|
* www.service.mir.md → reserved → 404
|
|
*/
|
|
class ResolveTenant
|
|
{
|
|
/** Subdomains that are NEVER treated as tenant slugs. */
|
|
public const RESERVED = [
|
|
'www', 'api', 'app', 'admin', 'mail', 'mailpit',
|
|
'git', 'gitea', 'coolify', 's3', 's3-admin',
|
|
'ws', 'reverb', 'pulse', 'horizon',
|
|
];
|
|
|
|
public function handle(Request $request, Closure $next, ?string $required = null)
|
|
{
|
|
$host = $request->getHost();
|
|
$central = config('tenancy.central_domains', []);
|
|
$centralPrimary = config('app.central_domain') ?: $central[0] ?? 'service.mir.md';
|
|
|
|
// No subdomain → central context.
|
|
if (in_array($host, $central, true)) {
|
|
// Tenant panel must never run on the central host.
|
|
if (str_starts_with($request->path(), 'app')) {
|
|
throw new NotFoundHttpException('Tenant routes are not available on the central domain.');
|
|
}
|
|
return $next($request);
|
|
}
|
|
|
|
$slug = null;
|
|
if (str_ends_with($host, ".{$centralPrimary}")) {
|
|
$slug = substr($host, 0, -strlen(".{$centralPrimary}"));
|
|
}
|
|
|
|
if (! $slug || in_array($slug, self::RESERVED, true) || str_contains($slug, '.')) {
|
|
// Reserved or multi-level subdomain → not a tenant. 404.
|
|
throw new NotFoundHttpException("Unknown subdomain: {$host}");
|
|
}
|
|
|
|
$company = Company::where('slug', $slug)->first();
|
|
|
|
if (! $company) {
|
|
throw new NotFoundHttpException("Tenant '{$slug}' not found.");
|
|
}
|
|
|
|
app(TenantManager::class)->setCurrent($company);
|
|
$request->attributes->set('tenant', $company);
|
|
|
|
// Tell Spatie Permission to scope roles to this company.
|
|
if (function_exists('app')) {
|
|
app(\Spatie\Permission\PermissionRegistrar::class)
|
|
->setPermissionsTeamId($company->id);
|
|
}
|
|
|
|
if ($required === 'required' && ! app(TenantManager::class)->isResolved()) {
|
|
throw new NotFoundHttpException();
|
|
}
|
|
|
|
return $next($request);
|
|
}
|
|
}
|