Merge branch 'develop' into task/FOUR-26777

Author: nolanpro

ProcessMaker/Application.php

@@ -5,14 +5,25 @@
 use Igaster\LaravelTheme\Facades\Theme;
 use Illuminate\Filesystem\Filesystem;
 use Illuminate\Foundation\Application as IlluminateApplication;
+use Illuminate\Foundation\Bootstrap\LoadEnvironmentVariables;
+use Illuminate\Foundation\Bootstrap\RegisterProviders;
 use Illuminate\Foundation\PackageManifest;
+use Illuminate\Support\Env;
+use Illuminate\Support\Facades\App;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Config;
+use ProcessMaker\Multitenancy\Tenant;
+use ProcessMaker\Multitenancy\TenantBootstrapper;
 
 /**
  * Class Application.
  */
 class Application extends IlluminateApplication
 {
+    public $overrideTenantId = null;
+
+    public $skipCacheEvents = false;
+
     /**
      * Sets the timezone for the application and for php with the specified timezone.
      *
@@ -90,4 +101,15 @@ public function registerConfiguredProviders()
 
         parent::registerConfiguredProviders();
     }
+
+    public function bootstrapWith(array $bootstrappers)
+    {
+        // Insert TenantBootstrapper after LoadEnvironmentVariables
+        if ($bootstrappers[0] !== LoadEnvironmentVariables::class) {
+            throw new \Exception('LoadEnvironmentVariables is not the first bootstrapper. Did a laravel upgrade change this?');
+        }
+        array_splice($bootstrappers, 1, 0, [TenantBootstrapper::class]);
+
+        return parent::bootstrapWith($bootstrappers);
+    }
 }

ProcessMaker/Console/Commands/ProcessMakerLicenseRemove.php

@@ -34,9 +34,9 @@ class ProcessMakerLicenseRemove extends Command
      */
     public function handle()
     {
-        if (Storage::disk('root')->exists('license.json')) {
+        if (Storage::disk('local')->exists('license.json')) {
             if ($this->option('force') || $this->confirm('Are you sure you want to remove the license.json file?')) {
-                Storage::disk('root')->delete('license.json');
+                Storage::disk('local')->delete('license.json');
                 $this->info('license.json removed successfully!');
 
                 $this->info('Calling package:discover to update the package cache with enabled packages');

ProcessMaker/Console/Commands/ProcessMakerLicenseUpdate.php

@@ -40,7 +40,7 @@ public function handle()
                 return 1;
             }
 
-            Storage::disk('root')->put('license.json', $content);
+            Storage::disk('local')->put('license.json', $content);
 
             $this->info('Calling package:discover to update the package cache with enabled packages');
             Artisan::call('package:discover');

ProcessMaker/Console/Commands/TenantsCreate.php

@@ -198,7 +198,9 @@ public function handle()
             $this->line('- Run migrations and seed the database');
             $this->line('- Run the install command for each package');
             $this->line('- Run artisan upgrade');
-            $this->line('- Install passport by calling passport:install');
+            $this->line('- Install passport by calling passport:install (create the default clients');
+            $this->line('- Reset the admin password with auth:set-password');
+            $this->line('- Run processmaker:initialize-script-microservice');
             $this->info("For example, `TENANT={$tenant->id} php artisan migrate:fresh --seed`");
         }
     }

ProcessMaker/Console/Commands/TenantsList.php

@@ -15,7 +15,7 @@ class TenantsList extends Command
      *
      * @var string
      */
-    protected $signature = 'tenants:list {--ids : Only output the ids}';
+    protected $signature = 'tenants:list {--ids : Only output the ids} {--json : Output the tenants as JSON}';
 
     /**
      * The console command description.
@@ -40,6 +40,12 @@ public function handle()
             return;
         }
 
+        if ($this->option('json')) {
+            $this->line(json_encode($tenants->toArray(), JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES));
+
+            return;
+        }
+
         $formattedTenants = $tenants->map(function ($tenant) {
             $config = $tenant->config;
 

ProcessMaker/Console/Commands/TenantsVerify.php

@@ -3,8 +3,13 @@
 namespace ProcessMaker\Console\Commands;
 
 use Illuminate\Console\Command;
+use Illuminate\Contracts\Encryption\DecryptException;
 use Illuminate\Support\Facades\Config;
+use Illuminate\Support\Facades\Crypt;
+use Illuminate\Support\Facades\File;
 use Illuminate\Support\Facades\Log;
+use ProcessMaker\Models\EnvironmentVariable;
+use ProcessMaker\Models\User;
 use Spatie\Multitenancy\Models\Tenant;
 
 class TenantsVerify extends Command
@@ -14,7 +19,7 @@ class TenantsVerify extends Command
      *
      * @var string
      */
-    protected $signature = 'tenants:verify {--verify-against= : The tenant ID to verify against}';
+    protected $signature = 'tenants:verify';
 
     /**
      * The console command description.
@@ -23,17 +28,6 @@ class TenantsVerify extends Command
      */
     protected $description = 'Verify tenant configuration and storage paths';
 
-    /**
-     * Strip protocol from URL
-     *
-     * @param string $url
-     * @return string
-     */
-    private function stripProtocol(string $url): string
-    {
-        return preg_replace('#^https?://#', '', $url);
-    }
-
     /**
      * Execute the console command.
      *
@@ -46,85 +40,72 @@ public function handle()
             $currentTenant = app('currentTenant');
         }
 
-        $verifyAgainstId = $this->option('verify-against');
-
-        if (!$currentTenant) {
-            $this->error('No current tenant found');
+        if (config('app.multitenancy') && !$currentTenant) {
+            $this->error('Multitenancy enabled but no current tenant found.');
 
             return;
         }
 
-        $this->info('Current Tenant ID: ' . $currentTenant->id);
-        $this->line('----------------------------------------');
+        $this->info('Current Tenant ID: ' . ($currentTenant?->id ?? 'NONE'));
 
-        // Expected paths and configurations
-        $expectedStoragePath = base_path('storage/tenant_' . $currentTenant->id);
-        $actualConfigs = [
-            'filesystems.disks.local.root' => storage_path('app'),
-            'cache.prefix' => config('cache.prefix'),
-            'app.url' => config('app.url'),
-            'script-runner-microservice.callback' => config('script-runner-microservice.callback'),
+        $paths = [
+            ['Storage Path', storage_path()],
+            ['Config Cache Path', app()->getCachedConfigPath()],
+            ['Lang Path', lang_path()],
         ];
 
-        // Display current values
-        $this->info('Current Storage Path: ' . storage_path());
-        $this->line('----------------------------------------');
-
-        $this->info('Current Configuration Values:');
-        foreach ($actualConfigs as $key => $expectedValue) {
-            $currentValue = config($key);
-            $this->line("{$key}: {$currentValue}");
-        }
-
-        // If verify-against is specified, perform verification
-        if ($verifyAgainstId) {
-            $this->line('----------------------------------------');
-            $this->info("Verifying against tenant ID: {$verifyAgainstId}");
+        // Display paths in a nice table
+        $this->table(['Path', 'Value'], $paths);
+
+        $configs = [
+            'app.key',
+            'app.url',
+            'app.instance',
+            'cache.prefix',
+            'database.redis.options.prefix',
+            'cache.stores.cache_settings.prefix',
+            'script-runner-microservice.callback',
+            'database.connections.processmaker.database',
+            'logging.channels.daily.path',
+            'filesystems.disks.public.root',
+            'filesystems.disks.local.root',
+            'filesystems.disks.lang.root',
+        ];
 
-            $expectedStoragePath = base_path('storage/tenant_' . $verifyAgainstId);
-            $expectedConfigs = [
-                'filesystems.disks.local.root' => $expectedStoragePath . '/app',
-                'cache.prefix' => 'tenant_id_' . $verifyAgainstId,
-                'app.url' => config('app.url'),
+        $configs = array_map(function ($config) {
+            return [
+                $config,
+                config($config),
             ];
-
-            $hasMismatch = false;
-
-            // Verify storage path
-            if (storage_path() !== $expectedStoragePath) {
-                $this->error('Storage path mismatch!');
-                $this->line("Expected: {$expectedStoragePath}");
-                $this->line('Current: ' . storage_path());
-                $hasMismatch = true;
-            }
-
-            // Verify tenant URL if tenant exists
-            $verifyTenant = Tenant::find($verifyAgainstId);
-            if ($verifyTenant && $verifyTenant->domain !== $this->stripProtocol(config('app.url'))) {
-                $this->error('Tenant URL mismatch!');
-                $this->line("Expected: {$verifyTenant->domain}");
-                $this->line('Current: ' . config('app.url'));
-                $hasMismatch = true;
-            }
-
-            // Verify config values
-            foreach ($expectedConfigs as $key => $expectedValue) {
-                $currentValue = config($key);
-                if ($currentValue !== $expectedValue) {
-                    $this->error("Config mismatch for {$key}!");
-                    $this->line("Expected: {$expectedValue}");
-                    $this->line("Current: {$currentValue}");
-                    $hasMismatch = true;
-                }
+        }, $configs);
+
+        // Display configs in a nice table
+        $this->table(['Config', 'Value'], $configs);
+
+        $env = EnvironmentVariable::first();
+        if (!$env) {
+            $decrypted = 'No environment variables found to test decryption';
+        } else {
+            $encryptedValue = $env->getAttributes()['value'];
+            try {
+                Crypt::decryptString($encryptedValue);
+                $decrypted = 'OK';
+            } catch (DecryptException $e) {
+                $decrypted = 'FAILED! ' . $e->getMessage();
             }
-
-            if (!$hasMismatch) {
-                $this->info('All configurations match as expected!');
-            }
-
-            return $hasMismatch ? Command::FAILURE : Command::SUCCESS;
         }
 
-        return Command::SUCCESS;
+        $other = [
+            ['Landlord Config Cache Path', base_path('bootstrap/cache/config.php')],
+            ['Landlord Config Is Cached', File::exists(base_path('bootstrap/cache/config.php')) ? 'Yes' : 'No'],
+            ['Tenant Config Cache Path', app()->getCachedConfigPath()],
+            ['Tenant Config Is Cached', File::exists(app()->getCachedConfigPath()) ? 'Yes' : 'No'],
+            ['First username (database check)', User::first()?->username ?? 'No users found'],
+            ['Decrypted check', substr($decrypted, 0, 50)],
+            ['Original App URL (landlord)', $currentTenant?->getOriginalValue('APP_URL') ?? config('app.url')],
+        ];
+
+        // Display other in a nice table
+        $this->table(['Other', 'Value'], $other);
     }
 }

ProcessMaker/Console/Kernel.php

@@ -88,6 +88,9 @@ protected function schedule(Schedule $schedule)
                 $schedule->command('metrics:clear')->cron("*/{$clearInterval} * * * *");
                 break;
         }
+
+        // 5 minutes is recommended in https://laravel.com/docs/12.x/horizon#metrics
+        $schedule->command('horizon:snapshot')->everyFiveMinutes();
     }
 
     /**

ProcessMaker/Exception/Handler.php

@@ -43,6 +43,11 @@ class Handler extends ExceptionHandler
      */
     public function report(Throwable $exception)
     {
+        if (!App::getFacadeRoot()) {
+            error_log(get_class($exception) . ': ' . $exception->getMessage());
+
+            return;
+        }
         if (App::environment() == 'testing' && env('TESTING_VERBOSE')) {
             // If we're verbose, we should print ALL Exceptions to the screen
             echo $exception->getMessage() . "\n";
@@ -146,18 +151,4 @@ protected function convertExceptionToArray(Throwable $e)
             'message' => $this->isHttpException($e) ? $e->getMessage() : 'Server Error',
         ];
     }
-
-    /**
-     * Errors in the console must have an exit status > 0 for CI to see it as an error.
-     * This prevents the symfony console from handling the error and returning an
-     * exit status of 0, which it does by default surprisingly.
-     *
-     * @param  \Symfony\Component\Console\Output\OutputInterface  $output
-     * @param  Throwable  $e
-     * @return void
-     */
-    public function renderForConsole($output, Throwable $e)
-    {
-        throw $e;
-    }
 }

ProcessMaker/Exception/MultitenancyAccessedLandlord.php

@@ -5,11 +5,21 @@
 use Exception;
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
+use ProcessMaker\Facades\Metrics;
 
 class MultitenancyAccessedLandlord extends Exception
 {
     public function render(Request $request): Response
     {
+        // If we're trying to access the /metrics route, collect landlord metrics and render them
+        if ($request->path() === 'metrics') {
+            Metrics::collectQueueMetrics();
+
+            return response(Metrics::renderMetrics(), 200, [
+                'Content-Type' => 'text/plain; version=0.0.4',
+            ]);
+        }
+
         return response()->view('multitenancy.landlord-landing-page');
     }
 

ProcessMaker/Http/Controllers/Admin/QueuesController.php

@@ -5,18 +5,28 @@
 use Illuminate\Auth\Access\AuthorizationException;
 use ProcessMaker\Events\QueueManagementAccessed;
 use ProcessMaker\Http\Controllers\Controller;
+use ProcessMaker\Providers\TenantQueueServiceProvider;
 
 class QueuesController extends Controller
 {
     public function index()
     {
-        if (auth()->user()->is_administrator) {
-            // Register the Event
-            QueueManagementAccessed::dispatch();
+        if (!auth()->user()->is_administrator) {
+            throw new AuthorizationException();
+        }
 
-            return view('admin.queues.index');
+        if (config('app.multitenancy')) {
+            if (!TenantQueueServiceProvider::allowAllTenats()) {
+                // Its multitenancy and they don't have access to all tenants so
+                // redirect to the tenant-filtered queue management page.
+                // Otherwise, show the horizon queue manager.
+                return redirect()->route('tenant-queue.index');
+            }
         }
 
-        throw new AuthorizationException();
+        // Register the Event
+        QueueManagementAccessed::dispatch();
+
+        return view('admin.queues.index');
     }
 }