Multi-tenant support

Question

Multi-tenant support

Closed this issue 4 years ago · 4 comments

628426 commented 4 years ago

I am interested in adding multi-tenant support so others can use it too.

I would appreciate some design/implementation guidance before I do it because I am not sure the best way to do it.

I am thinking along the lines of:

Add IsTenantPartition to WebVella.Erp.Database.DbField and the SDK PlugIn gui to allow people to mark a field as the TenantPartition. Should only be able to be added to Fields of type Identifier I guess and should not be able to be set if a field on the entity already has TenantPartition
Add to DbRecordPermissions CanSpanTenants indicating which roles are allowed to run queries across more than one TenantPartition
Extend ERPUser to add
Guid? CurrentTenantPartitionId
Change roles to optionally be assigned via tenant i.e.

USERID, TENANTID?, ROLEID

Change DbRecordRepository Create(RecordField), Update(RecordField), Delete(RemoveRecordField), Count, Find, GenerateWhereClause to automatically use the SecurityContext's TenantId if there is one or throw a security exception if the user is in a role only for a particular tenant and they don't have CurrentTenantId set

Answer 1 · 2020-08-19T10:50:17.000Z

We already had the idea for muti-tenant support, but the implementation is not looking easy. At the moment we are heavy loaded with some other projects with short deadlines and decided to leave that idea to "mature" until we have more free time. We definitely gonna support it in the future, but probably not soon.

I will write you back when i have any news about it.

Answer 2 · 2020-08-19T19:36:01.000Z

At the moment we are heavy loaded with some other projects with short deadlines and decided to leave that idea to "mature" until we have more free time. We definitely gonna support it in the future, but probably not soon.

Thanks, I have some time and am happy to have a go at implementing it if you have a design in mind

Answer 3 · 2020-08-19T19:41:26.000Z

I can help as well, but I only know ASP Core/MVC.

Answer 4 · 2020-08-20T10:15:02.000Z

I can help as well, but I only know ASP Core/MVC.

Thanks @papyr - we probably need a design from the maintainers, like @rumen-yankov or @bzashev and we can do something up in a branch in a fork for them to review.

As a rough starting design

Mark a field on an Entity as the tenant partition
Add a TenantID? to the ErpUser object
Add an optional TenantID as an attribute to the User <-> Role relationship
Add a permission, CanQueryAcrossTenants, to the entity
Inject WHERE {TenantIDColumn} = '{ErpUser.Current.TenantId}' into all Eql that is run by a user without CanQueryAcrossTenants permission
Support Tenant switching in the gui somehow maybe with a new page component "tenant switcher"

Re-opening the issue to make sure they maintainers see the interest in having this feature added