2020-10-28 18:14:17 +13:00
|
|
|
defmodule Ash.Actions.MultitenancyTest do
|
|
|
|
use ExUnit.Case, async: true
|
|
|
|
|
|
|
|
require Ash.Query
|
|
|
|
|
2024-03-28 09:06:40 +13:00
|
|
|
alias Ash.Test.Domain, as: Domain
|
|
|
|
|
2020-10-28 18:14:17 +13:00
|
|
|
defmodule User do
|
|
|
|
@moduledoc false
|
2024-03-28 09:06:40 +13:00
|
|
|
use Ash.Resource, domain: Domain, data_layer: Ash.DataLayer.Ets
|
2020-10-28 18:14:17 +13:00
|
|
|
|
|
|
|
ets do
|
|
|
|
private?(true)
|
|
|
|
end
|
|
|
|
|
|
|
|
multitenancy do
|
|
|
|
strategy(:attribute)
|
|
|
|
attribute(:org_id)
|
|
|
|
end
|
|
|
|
|
|
|
|
actions do
|
2024-03-28 09:06:40 +13:00
|
|
|
default_accept :*
|
|
|
|
defaults [:read, :destroy, create: :*, update: :*]
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
|
|
|
|
|
|
|
attributes do
|
2021-01-13 09:40:55 +13:00
|
|
|
uuid_primary_key :id
|
2024-03-28 09:06:40 +13:00
|
|
|
|
|
|
|
attribute :name, :string do
|
|
|
|
public?(true)
|
|
|
|
end
|
|
|
|
|
|
|
|
attribute :org_id, :uuid do
|
|
|
|
public?(true)
|
|
|
|
end
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
|
|
|
|
|
|
|
relationships do
|
2024-03-28 09:06:40 +13:00
|
|
|
has_many :posts, Ash.Actions.MultitenancyTest.Post,
|
|
|
|
destination_attribute: :author_id,
|
|
|
|
public?: true
|
2022-08-16 06:00:02 +12:00
|
|
|
|
|
|
|
has_many :comments, Ash.Actions.MultitenancyTest.Comment,
|
2024-03-28 09:06:40 +13:00
|
|
|
destination_attribute: :commenter_id,
|
|
|
|
public?: true
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
defmodule Post do
|
|
|
|
@moduledoc false
|
2024-03-28 09:06:40 +13:00
|
|
|
use Ash.Resource, domain: Domain, data_layer: Ash.DataLayer.Ets
|
2020-10-28 18:14:17 +13:00
|
|
|
|
|
|
|
ets do
|
|
|
|
private?(true)
|
|
|
|
end
|
|
|
|
|
|
|
|
attributes do
|
2021-01-13 09:40:55 +13:00
|
|
|
uuid_primary_key :id
|
2024-03-28 09:06:40 +13:00
|
|
|
|
|
|
|
attribute :name, :string do
|
|
|
|
public?(true)
|
|
|
|
end
|
|
|
|
|
|
|
|
attribute :org_id, :uuid do
|
|
|
|
public?(true)
|
|
|
|
end
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
|
|
|
|
|
|
|
actions do
|
2024-03-28 09:06:40 +13:00
|
|
|
default_accept :*
|
|
|
|
defaults [:read, :destroy, create: :*, update: :*]
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
|
|
|
|
|
|
|
relationships do
|
2024-03-28 09:06:40 +13:00
|
|
|
has_many :comments, Ash.Actions.MultitenancyTest.Comment,
|
|
|
|
destination_attribute: :post_id,
|
|
|
|
public?: true
|
|
|
|
|
|
|
|
belongs_to :author, User do
|
|
|
|
public?(true)
|
|
|
|
end
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
defmodule Comment do
|
|
|
|
@doc false
|
|
|
|
|
2024-03-28 09:06:40 +13:00
|
|
|
use Ash.Resource, domain: Domain, data_layer: Ash.DataLayer.Ets
|
2020-10-28 18:14:17 +13:00
|
|
|
|
|
|
|
ets do
|
|
|
|
private?(true)
|
|
|
|
end
|
|
|
|
|
|
|
|
multitenancy do
|
|
|
|
strategy(:context)
|
2023-12-02 07:02:06 +13:00
|
|
|
global?(false)
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
|
|
|
|
|
|
|
actions do
|
2024-03-28 09:06:40 +13:00
|
|
|
default_accept :*
|
|
|
|
defaults [:read, :destroy, create: :*, update: :*]
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
|
|
|
|
|
|
|
attributes do
|
2021-01-13 09:40:55 +13:00
|
|
|
uuid_primary_key :id
|
2020-10-28 18:14:17 +13:00
|
|
|
|
2024-03-28 09:06:40 +13:00
|
|
|
attribute :name, :string do
|
|
|
|
public?(true)
|
|
|
|
end
|
2021-10-07 19:41:02 +13:00
|
|
|
|
2024-03-28 09:06:40 +13:00
|
|
|
attribute :org_id, :uuid do
|
|
|
|
public?(true)
|
|
|
|
end
|
2021-10-07 19:41:02 +13:00
|
|
|
end
|
|
|
|
|
2024-03-28 09:06:40 +13:00
|
|
|
relationships do
|
|
|
|
belongs_to :commenter, User do
|
|
|
|
public?(true)
|
|
|
|
end
|
2020-10-28 18:14:17 +13:00
|
|
|
|
2024-03-28 09:06:40 +13:00
|
|
|
belongs_to :post, Post do
|
|
|
|
public?(true)
|
|
|
|
end
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "attribute multitenancy" do
|
|
|
|
setup do
|
2021-02-23 14:29:31 +13:00
|
|
|
%{tenant1: Ash.UUID.generate(), tenant2: Ash.UUID.generate()}
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
|
|
|
|
|
|
|
test "a simple write works when a tenant is specified", %{tenant1: tenant1} do
|
|
|
|
User
|
2024-03-28 09:06:40 +13:00
|
|
|
|> Ash.Changeset.for_create(:create, %{}, tenant: tenant1)
|
|
|
|
|> Ash.create!()
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
|
|
|
|
|
|
|
test "a record written to one tenant cannot be read from another", %{
|
|
|
|
tenant1: tenant1,
|
|
|
|
tenant2: tenant2
|
|
|
|
} do
|
|
|
|
User
|
2024-03-28 09:06:40 +13:00
|
|
|
|> Ash.Changeset.for_create(:create, %{}, tenant: tenant1)
|
|
|
|
|> Ash.create!()
|
2020-10-28 18:14:17 +13:00
|
|
|
|
2024-03-28 09:06:40 +13:00
|
|
|
assert User |> Ash.Query.set_tenant(tenant2) |> Ash.read!() == []
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
|
|
|
|
2024-03-28 03:07:53 +13:00
|
|
|
test "a record written to one tenant cannot be read from another with aggregate queries", %{
|
|
|
|
tenant1: tenant1,
|
|
|
|
tenant2: tenant2
|
|
|
|
} do
|
|
|
|
User
|
|
|
|
|> Ash.Changeset.new()
|
|
|
|
|> Ash.Changeset.set_tenant(tenant1)
|
2024-03-28 09:06:40 +13:00
|
|
|
|> Ash.create!()
|
2024-03-28 03:07:53 +13:00
|
|
|
|
2024-03-28 09:06:40 +13:00
|
|
|
assert User |> Ash.Query.set_tenant(tenant2) |> Ash.list!(:name) == []
|
2024-03-28 03:07:53 +13:00
|
|
|
end
|
|
|
|
|
2020-10-28 18:14:17 +13:00
|
|
|
test "a record can be updated in a tenant", %{tenant1: tenant1, tenant2: tenant2} do
|
|
|
|
User
|
2024-03-28 09:06:40 +13:00
|
|
|
|> Ash.Changeset.for_create(:create, %{}, tenant: tenant1)
|
|
|
|
|> Ash.create!()
|
|
|
|
|> Ash.Changeset.for_update(:update, %{}, tenant: tenant1)
|
|
|
|
|> Ash.update!()
|
2020-10-28 18:14:17 +13:00
|
|
|
|
2024-03-28 09:06:40 +13:00
|
|
|
assert User |> Ash.Query.set_tenant(tenant2) |> Ash.read!() == []
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
|
|
|
|
|
|
|
test "a record can be destroyed in a tenant", %{tenant1: tenant1} do
|
|
|
|
User
|
2024-03-28 09:06:40 +13:00
|
|
|
|> Ash.Changeset.for_create(:create, %{}, tenant: tenant1)
|
|
|
|
|> Ash.create!()
|
|
|
|
|> Ash.Changeset.for_update(:update, %{}, tenant: tenant1)
|
|
|
|
|> Ash.destroy!()
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "contextual multitenancy" do
|
|
|
|
setup do
|
2021-02-23 14:29:31 +13:00
|
|
|
%{tenant1: Ash.UUID.generate(), tenant2: Ash.UUID.generate()}
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
|
|
|
|
|
|
|
test "a simple write works when a tenant is specified", %{tenant1: tenant1} do
|
|
|
|
Comment
|
2024-03-28 09:06:40 +13:00
|
|
|
|> Ash.Changeset.for_create(:create, %{}, tenant: tenant1)
|
|
|
|
|> Ash.create!()
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
|
|
|
|
|
|
|
test "a record written to one tenant cannot be read from another", %{
|
|
|
|
tenant1: tenant1,
|
|
|
|
tenant2: tenant2
|
|
|
|
} do
|
|
|
|
Comment
|
2024-03-28 09:06:40 +13:00
|
|
|
|> Ash.Changeset.for_create(:create, %{}, tenant: tenant1)
|
|
|
|
|> Ash.create!()
|
2020-10-28 18:14:17 +13:00
|
|
|
|
2024-03-28 09:06:40 +13:00
|
|
|
assert Comment |> Ash.Query.set_tenant(tenant2) |> Ash.read!() == []
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
|
|
|
|
|
|
|
test "a record can be updated in a tenant", %{tenant1: tenant1, tenant2: tenant2} do
|
|
|
|
Comment
|
2024-03-28 09:06:40 +13:00
|
|
|
|> Ash.Changeset.for_create(:create, %{}, tenant: tenant1)
|
2020-10-28 18:14:17 +13:00
|
|
|
|> Ash.Changeset.set_tenant(tenant1)
|
2024-03-28 09:06:40 +13:00
|
|
|
|> Ash.create!()
|
|
|
|
|> Ash.Changeset.for_update(:update, %{}, tenant: tenant1)
|
|
|
|
|> Ash.update!()
|
2020-10-28 18:14:17 +13:00
|
|
|
|
2024-03-28 09:06:40 +13:00
|
|
|
assert Comment |> Ash.Query.set_tenant(tenant2) |> Ash.read!() == []
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
|
|
|
|
|
|
|
test "a record can be destroyed in a tenant", %{tenant1: tenant1} do
|
|
|
|
Comment
|
2024-03-28 09:06:40 +13:00
|
|
|
|> Ash.Changeset.for_create(:create, %{}, tenant: tenant1)
|
|
|
|
|> Ash.create!()
|
|
|
|
|> Ash.Changeset.for_update(:update, %{}, tenant: tenant1)
|
|
|
|
|> Ash.destroy!()
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
2022-12-30 17:05:41 +13:00
|
|
|
|
|
|
|
test "a record cannot be read without tenant specified", %{
|
|
|
|
tenant1: tenant1
|
|
|
|
} do
|
|
|
|
Comment
|
2024-03-28 09:06:40 +13:00
|
|
|
|> Ash.Changeset.for_create(:create, %{}, tenant: tenant1)
|
|
|
|
|> Ash.create!()
|
2022-12-30 17:05:41 +13:00
|
|
|
|
2024-03-28 09:06:40 +13:00
|
|
|
result = Comment |> Ash.read()
|
2022-12-30 17:05:41 +13:00
|
|
|
assert {:error, %Ash.Error.Invalid{errors: [%Ash.Error.Invalid.TenantRequired{}]}} = result
|
|
|
|
end
|
2024-03-28 03:07:53 +13:00
|
|
|
|
|
|
|
test "an aggregate cannot be used without tenant specified", %{
|
|
|
|
tenant1: tenant1
|
|
|
|
} do
|
|
|
|
Comment
|
|
|
|
|> Ash.Changeset.new()
|
|
|
|
|> Ash.Changeset.set_tenant(tenant1)
|
2024-03-28 09:06:40 +13:00
|
|
|
|> Ash.create!()
|
2024-03-28 03:07:53 +13:00
|
|
|
|
2024-03-28 09:06:40 +13:00
|
|
|
result = User |> Ash.count()
|
2024-03-28 03:07:53 +13:00
|
|
|
assert {:error, %Ash.Error.Invalid{errors: [%Ash.Error.Invalid.TenantRequired{}]}} = result
|
|
|
|
end
|
2020-10-28 18:14:17 +13:00
|
|
|
end
|
|
|
|
end
|