Monday, January 22, 2018
This is how I approached multi-tenancy in my application: Every user can be a part of one or multiple accounts (groups) through membership model. And because someone has to be in charge of the account (pay bills, admin stuff, etc), membership model has a boolean flag is_owner.
In application, all authenticated user routes are scoped by :account_id. After user logs in, he selects an account he want to open, and I redirect him to scoped overview page with account_id (for ex. https://example.com/123/overview). To avoid passing account_id parameter to every link on a page I set default_url_options to include it automatically.
To ensure that all shown data is part of that account, data models have account_id column, and I query those models through account association, for example:
@posts = current_account.posts
(current_account is a helper method which returns account object from params[:account_id])
And of course, I do user account/membership authorisation on every request so user could not access other accounts data by changing account_id in address bar.
Rolandas
On Mon, Jan 22, 2018, at 04:20, fugee ohu wrote:
On Sunday, January 21, 2018 at 7:28:54 PM UTC-5, Walter Lee Davis wrote:> On Jan 20, 2018, at 10:44 PM, fugee ohu <fuge...@gmail.com> wrote:>> is multitenancy only for apps that have users?Maybe. It depends on how you define it. Think about Basecamp for an example. Each user of that system logs into their own subdomain and manages their own data, without ever being able to access or see any other user's data. Yet if you are the owners of Basecamp, you think of it as one big site, with many users. Each user can make changes to the application that govern how it will appear to their clients, and that doesn't affect another user's clients' view of the site. Think about the most popular Gem in this arena -- it's named Apartment. What does an apartment have? Individual rooms where renters can change whatever they like without affecting anyone else in the building. Yet the owner thinks of it as one big building.So it's philosophical first, and then practical. What is the application you are trying to build? Is it meant for one client, or many users, each with their own group of sub-users? Or something else?Walter>> --> You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.> To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-ta...@googlegroups.com .> To post to this group, send email to rubyonra...@googlegroups.com .> To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/ .d6a41c52-badd-41ba-8d86- e47072611f0e%40googlegroups. com > For more options, visit https://groups.google.com/d/optout .What can my user's users do for me Let's say I have only 10 users but one of those users has a large number of users What's that do for my site? Am I gonna show my ads on their pages?
--You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.To post to this group, send email to rubyonrails-talk@googlegroups.com.To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/e0067bed-d662-4d62-af94-7669fb74fbf3%40googlegroups.com.For more options, visit https://groups.google.com/d/optout.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment