soeren/fotospiel-app
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Fix tenant admin Google OAuth redirect
Some checks failed
linter / quality (push) Has been cancelled
Details
tests / ci (push) Has been cancelled
Details
tests / ui (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Codex Agent
2026-01-23 17:25:12 +01:00
parent ee6fb7a5bb
commit 7dd8bc4c91
2 changed files with 35 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
app/Http/Controllers/TenantAdminGoogleController.php
View File

@@ -57,6 +57,7 @@ class TenantAdminGoogleController extends Controller
Auth::login($user, true); Auth::login($user, true);
$request->session()->regenerate(); $request->session()->regenerate();
$request->session()->forget('url.intended');
$returnTo = $request->session()->pull('tenant_oauth_return_to'); $returnTo = $request->session()->pull('tenant_oauth_return_to');
if (is_string($returnTo)) { if (is_string($returnTo)) {
@@ -66,7 +67,12 @@ class TenantAdminGoogleController extends Controller
} }
} }
return redirect()->intended('/event-admin/dashboard'); $fallback = $request->session()->pull('tenant_admin.return_to');
if (is_string($fallback) && str_starts_with($fallback, '/event-admin')) {
return redirect()->to($fallback);
}
return redirect()->to('/event-admin/dashboard');
} }
private function sendBackWithError(Request $request, string $code, string $message): RedirectResponse private function sendBackWithError(Request $request, string $code, string $message): RedirectResponse

28
tests/Feature/Auth/TenantAdminGoogleControllerTest.php
View File

@@ -69,6 +69,34 @@ class TenantAdminGoogleControllerTest extends TestCase
$this->assertAuthenticatedAs($user); $this->assertAuthenticatedAs($user);
} }
public function test_callback_ignores_intended_and_uses_admin_fallback(): void
{
$tenant = Tenant::factory()->create();
$user = User::factory()->create([
'tenant_id' => $tenant->id,
'role' => 'tenant_admin',
]);
$socialiteUser = tap(new SocialiteUser)->map([
'id' => 'google-id-456',
'name' => 'Google Tenant Admin',
'email' => $user->email,
]);
$driver = Mockery::mock();
Socialite::shouldReceive('driver')->once()->with('google')->andReturn($driver);
$driver->shouldReceive('user')->once()->andReturn($socialiteUser);
$this->withSession([
'url.intended' => '/packages',
]);
$response = $this->get('/event-admin/auth/google/callback');
$response->assertRedirect('/event-admin/dashboard');
$this->assertAuthenticatedAs($user);
}
public function test_callback_redirects_back_when_user_not_found(): void public function test_callback_redirects_back_when_user_not_found(): void
{ {
$socialiteUser = tap(new SocialiteUser)->map([ $socialiteUser = tap(new SocialiteUser)->map([