[4x] Delete redundant universal route check from prevent access MW

[lukinovec]

The PreventAcessFromUnwantedDomains MW had the tenancy()->routeIsUniversal($route) check either for returning early, or it was a leftover from some older implementation, so I removed it.

The middleware aborts if the $this->accessingTenantRouteFromCentralDomain($request, $route) || $this->accessingCentralRouteFromTenantDomain($request, $route) check passes. Meaning, for the middleware to abort, the route has to be either in central or tenant mode. When the route is in universal mode, the middleware will never reach return $abortRequest(). return $next($request) will always get reached, even when the || tenancy()->routeIsUniversal($route) check is deleted from the previous condition, so that check was basically useless.

Resolves #1418

Summary by CodeRabbit

• Bug Fixes
  • Fixed domain access restrictions to be consistently enforced across all route types, preventing unauthorized access that was previously bypassed.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 86.03%. Comparing base (c32f52c) to head (360b0ca).

Additional details and impacted files

@@            Coverage Diff            @@
##             master    #1427   +/-   ##
=========================================
  Coverage     86.03%   86.03%           
+ Complexity     1156     1155    -1     
=========================================
  Files           184      184           
  Lines          3381     3381           
=========================================
  Hits           2909     2909           
  Misses          472      472           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 22f539c6-b340-4131-addf-9d52648cb003

📥 Commits

Reviewing files that changed from the base of the PR and between 60dd522 and 55f03dc.

📒 Files selected for processing (1)

• src/Middleware/PreventAccessFromUnwantedDomains.php

---

📝 Walkthrough

Walkthrough

The middleware's handle() method was simplified to remove a redundant universal route check. The method now relies exclusively on shouldBeSkipped($route) for determining whether to skip access-prevention logic, eliminating duplicate logic.

Changes

Cohort / File(s)	Summary
Middleware Logic Simplification src/Middleware/PreventAccessFromUnwantedDomains.php	Removed explicit Tenancy::routeIsUniversal($route) check from the condition that determines whether to skip access-prevention logic. The shouldBeSkipped($route) method already handles universal route detection, making the explicit check redundant.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 A hop, skip, and logic refine,
One less check makes the code align,
Universal routes now clearly flow,
Through shouldBeSkipped()'s guiding glow! ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and concisely describes the main change: removing a redundant universal route check from the middleware.
Linked Issues check	✅ Passed	The PR directly addresses issue #1418 by removing the redundant tenancy()->routeIsUniversal($route) check that was unnecessarily duplicated from shouldBeSkipped().
Out of Scope Changes check	✅ Passed	The change is narrowly focused on removing a single redundant condition as requested in issue #1418; no unrelated modifications are present.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch redundant-check

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

Removes a redundant universal-route short-circuit from PreventAccessFromUnwantedDomains, relying on the existing route-mode checks to ensure universal routes naturally pass through without triggering access prevention.

Changes:

• Removed tenancy()->routeIsUniversal($route) from the early-return condition in the middleware.
• Leaves skipping behavior solely to shouldBeSkipped($route).

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.