MBS-10346: Allow more characters for tenant names

ai_info.php

@@ -29,7 +29,7 @@
 
 global $CFG, $DB, $OUTPUT, $PAGE, $USER;
 
-$tenantid = optional_param('tenant', '', PARAM_ALPHANUM);
+$tenantid = optional_param('tenant', '', PARAM_TEXT);
 $purposes = optional_param_array('purposes', [], PARAM_TEXT);
 
 // Check permissions.

classes/base_instance.php

@@ -510,7 +510,7 @@ final public function edit_form_definition(\MoodleQuickForm $mform, array $custo
         $mform->addElement('text', 'name', get_string('instancename', 'local_ai_manager'), $textelementparams);
         $mform->setType('name', PARAM_TEXT);
         $mform->addElement('text', 'tenant', get_string('tenant', 'local_ai_manager'), $textelementparams);
-        $mform->setType('tenant', PARAM_ALPHANUM);
+        $mform->setType('tenant', PARAM_TEXT);
         if (empty($this->_customdata['id'])) {
             $mform->setDefault('tenant', $customdata['tenant']);
         }

classes/form/purpose_config_form.php

@@ -46,7 +46,7 @@ public function definition() {
         $mform = &$this->_form;
 
         $mform->addElement('hidden', 'tenant', $tenant->get_identifier());
-        $mform->setType('tenant', PARAM_ALPHANUM);
+        $mform->setType('tenant', PARAM_TEXT);
 
         foreach (base_purpose::get_all_purposes() as $purpose) {
             $factory = \core\di::get(connector_factory::class);

classes/form/quota_config_form.php

@@ -44,7 +44,7 @@ public function definition() {
         $mform = &$this->_form;
 
         $mform->addElement('hidden', 'tenant', $tenant);
-        $mform->setType('tenant', PARAM_ALPHANUM);
+        $mform->setType('tenant', PARAM_TEXT);
 
         $mform->addElement(
             'header',

classes/form/rights_config_form.php

@@ -62,7 +62,7 @@ public function definition() {
         $mform = &$this->_form;
 
         $mform->addElement('hidden', 'tenant', $tenant->get_identifier());
-        $mform->setType('tenant', PARAM_ALPHANUM);
+        $mform->setType('tenant', PARAM_TEXT);
 
         $mform->addElement('hidden', 'userids', '', ['id' => 'rights-table-userids']);
         $mform->setType('userids', PARAM_TEXT);

classes/form/tenant_config_form.php

@@ -39,7 +39,7 @@ public function definition() {
         $mform = &$this->_form;
 
         $mform->addElement('hidden', 'tenant', $tenant);
-        $mform->setType('tenant', PARAM_ALPHANUM);
+        $mform->setType('tenant', PARAM_TEXT);
 
         $mform->addElement('selectyesno', 'tenantenabled', get_string('enable_ai_integration', 'local_ai_manager'));
 

classes/local/tenant.php

@@ -37,6 +37,7 @@ class tenant {
      * Tenant class constructor.
      *
      * @param string $identifier the tenant identifier; if left empty, the default tenant is being used
+     * @throws \invalid_parameter_exception If the provided identifier is invalid
      */
     public function __construct(string $identifier = '') {
         global $USER;
@@ -47,6 +48,16 @@ public function __construct(string $identifier = '') {
                 $identifier = self::DEFAULT_IDENTIFIER;
             }
         }
+
+        if ($identifier !== trim($identifier)) {
+            throw new \invalid_parameter_exception('Tenant identifier must not contain leading or trailing whitespaces.');
+        }
+        if (!preg_match('/^[A-Za-z0-9_\- ]+$/', $identifier)) {
+            throw new \invalid_parameter_exception(
+                'Tenant identifiers may only contain alphanumeric letters, hyphens, underscores or blank spaces.'
+            );
+        }
+
         $this->identifier = $identifier;
     }
 

classes/local/tenant_config_output_utils.php

@@ -36,7 +36,7 @@ class tenant_config_output_utils {
      */
     public static function setup_tenant_config_page(moodle_url $url): void {
         global $PAGE, $SESSION;
-        $tenantid = optional_param('tenant', '', PARAM_ALPHANUM);
+        $tenantid = optional_param('tenant', '', PARAM_TEXT);
 
         if (!empty($tenantid)) {
             $tenant = new \local_ai_manager\local\tenant($tenantid);

tests/local/tenant_test.php

@@ -0,0 +1,125 @@
+<?php
+// This file is part of Moodle - http://moodle.org/
+//
+// Moodle is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Moodle is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
+
+namespace local_ai_manager\local;
+
+/**
+ * Unit tests for the tenant data object.
+ *
+ * @package    local_ai_manager
+ * @copyright  2026 ISB Bayern
+ * @author     Johannes Funk
+ * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ */
+final class tenant_test extends \advanced_testcase {
+    /**
+     * Tests the validation of identifier string in the tenant constructor.
+     *
+     * @dataProvider tenant_name_validation_provider
+     * @covers \local_ai_manager\local\tenant::__construct
+     */
+    public function test_tenant_name_validation($name, $valid): void {
+        if ($valid) {
+            $tenant = new \local_ai_manager\local\tenant($name);
+            $this->assertSame($name, $tenant->get_identifier());
+        } else {
+            $this->expectException(\invalid_parameter_exception::class);
+            new \local_ai_manager\local\tenant($name);
+        }
+    }
+
+    /**
+     * Data provider.
+     *
+     * @return array identifiers with name and validity
+     */
+    public static function tenant_name_validation_provider(): array {
+        return [
+            'default_identifier' => [
+                'name' => 'default',
+                'valid' => true,
+            ],
+            'identifier_with_hyphen' => [
+                'name' => 'tenant-1',
+                'valid' => true,
+            ],
+            'identifier_with_space' => [
+                'name' => 'Maths Department',
+                'valid' => true,
+            ],
+            'identifier_with_hyphen_and_numbers' => [
+                'name' => 'School-123 Munich',
+                'valid' => true,
+            ],
+            'identifier_only_numeric' => [
+                'name' => '123',
+                'valid' => true,
+            ],
+            'identifier_with_multiple_spaces' => [
+                'name' => 'a b c',
+                'valid' => true,
+            ],
+            'identifier_with_underscore' => [
+                'name' => 'underscore_university',
+                'valid' => true,
+            ],
+            'identifier_with_exclamation_mark' => [
+                'name' => 'name!',
+                'valid' => false,
+            ],
+            'identifier_with_at_symbol' => [
+                'name' => 'name@domain',
+                'valid' => false,
+            ],
+            'identifier_with_hashtag' => [
+                'name' => 'name#hash',
+                'valid' => false,
+            ],
+            'identifier_with_percent' => [
+                'name' => 'percent%',
+                'valid' => false,
+            ],
+            'identifier_with_backslash' => [
+                'name' => 'newline\n',
+                'valid' => false,
+            ],
+            'identifier_with_umlaut' => [
+                'name' => 'unicode-ä',
+                'valid' => false,
+            ],
+            'identifier_with_slashes' => [
+                'name' => '/slashes/',
+                'valid' => false,
+            ],
+            'identifier_with_comma' => [
+                'name' => 'comma,comma',
+                'valid' => false,
+            ],
+            'identifier_with_HTML' => [
+                'name' => 'HTML-Tag<br />',
+                'valid' => false,
+            ],
+            'identifier_with_leading_whitespace' => [
+                'name' => ' Whitespace University',
+                'valid' => false,
+            ],
+            'identifier_with_trailing_whitespace' => [
+                'name' => 'Whitespace School ',
+                'valid' => false,
+            ],
+        ];
+    }
+}

view_prompts.php

@@ -35,7 +35,7 @@
 global $CFG, $DB, $OUTPUT, $PAGE, $USER;
 
 global $PAGE;
-$tenantid = optional_param('tenant', '', PARAM_ALPHANUM);
+$tenantid = optional_param('tenant', '', PARAM_TEXT);
 $contextid = optional_param('contextid', '', PARAM_INT);
 
 if (!empty($tenantid) && !empty($contextid)) {