Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Design a general-purpose Multi Tenant Feature #69

Closed
KralMar opened this issue Aug 30, 2019 · 3 comments
Closed

Design a general-purpose Multi Tenant Feature #69

KralMar opened this issue Aug 30, 2019 · 3 comments
Assignees
@m-rau
Milestone
release 0.4.0

Comments

@KralMar
Copy link
Contributor

KralMar commented Aug 30, 2019

Design a general-purpose Multi Tenant Feature:
Several business applications may be used by multiple “clients”. Each client must only have access to his own data and projects.

SUGGESTED SOLUTION:

  • Define an app key by convention “app://principal/<key>”
  • Define an endpoint scheme by convention https://example.com/application/<key>/what/so/ever
  • Implement a handler class derived from Core4RequestHandler which automatically extracts and the principal and verifies the user has appropriate app://principal/<key> permissions. This validation is to be located outside resp. before the actual GET, POST, PUT, DELETE, OPTION method. The developer of the handler must not specify any additional code other than the routing pattern (i.e. how to extract the principal key from the URL)

NEXT STEPS:

  • Verify requirement and solution approach
@KralMar KralMar added this to the release 0.4.0 milestone Aug 30, 2019
@m-rau m-rau self-assigned this Sep 2, 2019
@m-rau
Copy link
Contributor

m-rau commented Sep 3, 2019

design confirmed. It might be useful to rename "tenant" into "client". Finally an approach is required to make all classes derived from Core4RequestHandler, e.g. the websocket handler, multi-client aware.

@m-rau
Copy link
Contributor

m-rau commented Sep 3, 2019

implemented in branch mra.c4os#69. Regression tests have been implemented, too.

Pending: documentation.

m-rau added a commit that referenced this issue Sep 3, 2019
@m-rau
🆕 multi-client request handler (#69)
a4ae702
@m-rau m-rau mentioned this issue Sep 3, 2019
Merged
@m-rau
Copy link
Contributor

m-rau commented Sep 3, 2019

documentation added. pull request created

@m-rau m-rau closed this as completed Sep 3, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@m-rau m-rau

Labels
None yet
Projects
None yet
Milestone
release 0.4.0
Development

No branches or pull requests
2 participants
@m-rau @KralMar