improved url domain matching for multi-tenant deployments

2025-07-24 15:49:44 +02:00 · 2017-09-08 19:41:46 +01:00 · 2017-09-08 19:41:46 +01:00 · 2386dcbd83
commit 2386dcbd83
parent e92ad317d8
3 changed files with 650 additions and 632 deletions
--- a/domain/meta/endpoint.go
+++ b/domain/meta/endpoint.go
@ -41,6 +41,7 @@ func (h *Handler) Meta(w http.ResponseWriter, r *http.Request) {

 	org, err := h.Store.Organization.GetOrganizationByDomain(data.URL)
 	if err != nil {
+		h.Runtime.Log.Error("unable to fetch request meta for "+data.URL, err)
 		response.WriteForbiddenError(w)
 		return
 	}
--- a/domain/organization/mysql/store.go
+++ b/domain/organization/mysql/store.go
@ -82,22 +82,39 @@ func (s Scope) GetOrganizationByDomain(subdomain string) (o org.Organization, er
 	err = nil
 	subdomain = strings.TrimSpace(strings.ToLower(subdomain))

-	if s.Runtime.Flags.SiteMode == env.SiteModeNormal { // only return an organization when running normally
-		var stmt *sqlx.Stmt
+	// only return an organization when running normally
+	if s.Runtime.Flags.SiteMode != env.SiteModeNormal {
+		err = errors.New("database not in normal mode so cannot fetch meta for " + subdomain)
+		return
+	}

-		stmt, err = s.Runtime.Db.Preparex("SELECT id, refid, company, title, message, url, domain, service as conversionendpoint, email, serial, active, allowanonymousaccess, authprovider, coalesce(authconfig,JSON_UNQUOTE('{}')) as authconfig, created, revised FROM organization WHERE domain=? AND active=1")
-		defer streamutil.Close(stmt)
+	var stmt *sqlx.Stmt
+	stmt, err = s.Runtime.Db.Preparex("SELECT id, refid, company, title, message, url, domain, service as conversionendpoint, email, serial, active, allowanonymousaccess, authprovider, coalesce(authconfig,JSON_UNQUOTE('{}')) as authconfig, created, revised FROM organization WHERE domain=? AND active=1")
+	defer streamutil.Close(stmt)

-		if err != nil {
-			err = errors.Wrap(err, fmt.Sprintf("unable to prepare select for subdomain %s", subdomain))
-			return
-		}
+	if err != nil {
+		err = errors.Wrap(err, fmt.Sprintf("unable to prepare select for subdomain %s", subdomain))
+		return
+	}

-		err = stmt.Get(&o, subdomain)
-		if err != nil && err != sql.ErrNoRows {
-			err = errors.Wrap(err, fmt.Sprintf("unable to execute select for subdomain %s", subdomain))
-			return
-		}
+	err = stmt.Get(&o, subdomain)
+	if err == nil {
+		return
+	}
+
+	// we try to match on empty domain as last resort
+	stmt, err = s.Runtime.Db.Preparex("SELECT id, refid, company, title, message, url, domain, service as conversionendpoint, email, serial, active, allowanonymousaccess, authprovider, coalesce(authconfig,JSON_UNQUOTE('{}')) as authconfig, created, revised FROM organization WHERE domain='' AND active=1")
+	defer streamutil.Close(stmt)
+
+	if err != nil {
+		err = errors.Wrap(err, "unable to prepare select for empty subdomain")
+		return
+	}
+
+	err = stmt.Get(&o)
+	if err != nil && err != sql.ErrNoRows {
+		err = errors.Wrap(err, "unable to execute select for empty subdomain")
+		return
 	}

 	return
--- a/embed/bindata_assetfs.go
+++ b/embed/bindata_assetfs.go