Closed cwbrandsdal closed 10 months ago
Hi @cwbrandsdal,
Louis Miles asked a similar question to your requirements and you can read my reply here.
If you are creating a multi-tenant using the AuthP library, then you add some extra code to use a "multiple tenants" key instead of the single DataKey that AuthP uses. Here are the extra steps you need to do:
IGetDataKeyFromUser
interface, but provides your "multiple tenants" key.Program
/ startup code.IGetDataKeyFromUser
OnModelCreating
method you will add the ...HasQueryFilter(p => UserKey.Contains(p.GroupKey);
to each tenant entity class.NOTE: If you need the Admin access tenant data, then you have to do some more work. You can add code to make it work, but its a bit complex so I wouldn't add this unless your really need it.
PS. You also need to build some new admin code to create a many-to-many link between the AuthUser
and the Tenant
entity classes used by AuthP. That shouldn't be too complex.
Thank you so much! I was thinking something like this myself. The only thing that makes this a bit hard to work with is that with the new HasQueryFilter using Contains it really needs to have every single child. Do you know if there is a way to use the StartsWith on multiple values? It seems not to work from my testing because the DataKey/DataKeys are not populated before the HasQueryFilter is set up. I guess this makes it really hard. Do you have any suggestions on how I could do this? All help is appreciated. Thank you so much for a GREAT package! :-)
I'm not sure I fully understand your question, but one part stood out:
... the DataKey/DataKeys are not populated before the HasQueryFilter is set up.
The limitation of this approach is a user with many keys, e.g. south and west, cannot create a new entry because you need a single key (e.g. south) to set the DataKey
on the entity classes in the tenant database. I was assumed the data was read, but looks at sounds you want read AND write which adds complications. Here are a two approaches:
DataKey
on every new entity class is set to the value in the "CreateKey" properly.NOTE: I didn't explain how the DataKey
is set in the "five steps" - see this section in one of my articles.
I hope I have answered your question.
Is there a way to give a user access to multiple tenants in different parts of the structure? Example a user needs access to south and west, but not north and east. I guess this is hard because that would cause the user to need multiple DataAccess entries and also multiple DataKey?