Tenant Whitelist Management

Overview

The allowsAssigningRetailContent whitelist is a temporary mechanism that grants specific tenants (bookshops) the ability to manually assign retail content to users and plans. This bypasses the standard retail license restrictions that normally prevent manual content assignment.

Important

This is a temporary solution implemented while a proper feature is being developed. All changes should be carefully monitored and documented.

Technical Implementation

The whitelist is maintained in app/Support/Tenants.php:

Tenant Constants: Each whitelisted tenant has a defined constant with their tenant ID
Whitelist Method: The allowsAssigningRetailContent() method returns true for whitelisted tenants

// app/Support/Tenants.php

class Tenants
{
    // Individual tenant constants defined here
    const TENANT_NAME = [tenant_id];

    public static function allowsAssigningRetailContent(int $tenantId): bool
    {
        return in_array($tenantId, [
            // Array of whitelisted tenant constants
        ]);
    }
}

Business Context

Why This Exists

Some bookshops require the ability to manually assign marketplace content (retail license) to specific users or include it in subscription plans. The standard retail license restricts this functionality to ensure proper revenue tracking and marketplace integrity.

What It Enables

For whitelisted tenants, this allows:

Manual assignment of retail content to individual users
Inclusion of retail content in subscription plans
Bulk assignment of retail content to user groups

Standard Retail License Restrictions

Without this whitelist, retail licensed content:

Cannot be manually assigned to users
Cannot be included in plans
Can only be sold individually through the storefront
See License Business Rules for complete details

Process to Add a Tenant

Verify business approval and document the reason for the exception
Add tenant constant in app/Support/Tenants.php
Update the whitelist array in allowsAssigningRetailContent() method
Create MR targeting dev branch with business justification
Test by verifying the tenant can now manually assign retail content

Important Considerations

Monitoring

Whitelisted tenants should be monitored for:

Volume of manual assignments
Revenue impact
Any unexpected behavior

Future Development

This whitelist may be replaced by a proper feature with configurable permissions per tenant.

Security

Never add tenant IDs without proper authorization
Maintain clear documentation of why each tenant is whitelisted
Regularly review the whitelist for tenants that no longer need the exception

Code References

Whitelist implementation: app/Support/Tenants.php:41
Usage in content assignment: Search for allowsAssigningRetailContent usage
Related MRs: #11970 (Ceiba addition)

Overview​

Technical Implementation​

Business Context​

Why This Exists​

What It Enables​

Standard Retail License Restrictions​

Process to Add a Tenant​

Important Considerations​

Monitoring​

Future Development​

Security​

Related Documentation​

Code References​

Graph View