You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Design a general-purpose Multi Tenant Feature:
Several business applications may be used by multiple “clients”. Each client must only have access to his own data and projects.
SUGGESTED SOLUTION:
Define an app key by convention “app://principal/<key>”
Implement a handler class derived from Core4RequestHandler which automatically extracts and the principal and verifies the user has appropriate app://principal/<key> permissions. This validation is to be located outside resp. before the actual GET, POST, PUT, DELETE, OPTION method. The developer of the handler must not specify any additional code other than the routing pattern (i.e. how to extract the principal key from the URL)
NEXT STEPS:
Verify requirement and solution approach
The text was updated successfully, but these errors were encountered:
design confirmed. It might be useful to rename "tenant" into "client". Finally an approach is required to make all classes derived from Core4RequestHandler, e.g. the websocket handler, multi-client aware.
Design a general-purpose Multi Tenant Feature:
Several business applications may be used by multiple “clients”. Each client must only have access to his own data and projects.
SUGGESTED SOLUTION:
NEXT STEPS:
The text was updated successfully, but these errors were encountered: