Users being able to login into any tenant schema

[Melendeze13]

Hello!

For my project, when accounts are made they're part of the public schema. From the docs, that's completely expected. My issue is when a tenant is created I need the accounts made under that tenant to only have access to that tenant. I understand that those accounts would still be in the public schema.

I'm pretty new to Django so I don't know if I need to do something with permissions.

Example of what's going on: Public Schema: public Tenant Schema: bigco account made in bigco.localhost : manager@bigco.com

A new schema is created: Tenant Schema: smallco

manager@bigco.com can log into smallco.localhost

Is there a way to handle this? I understand that part of the project is allowing users access to multiple schemas but I need a way to limit access.

Thanks!

[Wizely99]

Hello @Melendeze13 please check #485 I think it solves your issue

[Melendeze13]

This does solve my issue but makes me wonder how I should go about adding users to new tenant schemas.

Currently this middleware is prevent all users from logging into non-public tenants. This is the case even if the user is the owner of that tenant. I used provision_tenant when creating the new tenant.

Currently I have two cases:

1. A public user decides to create a new tenant so that tenant must be added as one of their tenants. (using provision_tenant)
2. A new tenant user is creating in the tenant domain. That user has to be added to both that tenant and the public domain.

Looking at the code it seems that add_user is only done for a public tenant. That makes sense. But I'm wondering, in order to solve my issues, would I have to just call add_user in my specific cases?

https://github.com/Corvia/django-tenant-users/blob/master/tenant_users/tenants/models.py#L99

Thanks again!

[Wizely99]

To add a specific user to a tenant you can use tenant.add_user(user, is_superuser=True, is_staff=True). This method creates the UserTenantPermissions and links the user to the tenant. if you check the UserProfile class (from which your User Model should inherit) you will see a tenants ManyToManyFieldwhere all tenants the user is allowed to access are stored

[Wizely99]

For example below is the code snippets from my UserCreateView

    def form_valid(self, form: BaseForm) -> HttpResponse:
        user: User = form.instance
                             >>>>>>
        ##Adding the user in the  current tenant  
        tenant: Client = self.request.tenant
        tenant.add_user(user, is_superuser=False, is_staff=False)
                 >>>>>>>>>>>>>>
       ##Adding the user to a group
        group = Group.objects.get(name="attendant")
        user.tenant_perms.groups.add(group)

if,for example,I would want to also add the user to the public schema I would have queried for the public tenant and added the user as follows

from django_tenants.utils import get_public_schema_name

public_tenant = Client.objects.get(schema_name=get_public_schema_name())
public_tenant.add_user(user, is_superuser=False, is_staff=False)

[Melendeze13]

@Wizely99 Thank you!

I really appreciate you providing the context it has definitely moved me along on my project!