1

I have a database shared by many organisations (a multi-tennant scenario).

I would like to ensure that an authorised user can only view a single organisation's data without the need to to explicitly code such a constraint each time.

Is there a good approach with LightSpeed to do this?

Rohan West
  • 9,262
  • 3
  • 37
  • 64
Scott McKenzie
  • 16,052
  • 8
  • 45
  • 70
  • What do you mean by "each time"? How data from different organizations can be tell from the data from the same organization? – Andrew Savinykh Feb 29 '12 at 22:39
  • If I add a method to a Repository service to retrieve a list if users, I'd rather not have to specify that it is filtered by a particular tenant. I want it implicit, e.g. defined in some kind of base class for the query. – Scott McKenzie Mar 01 '12 at 02:39

2 Answers2

3

One possible solution is to have separate tables for each tenant, i.e tables prefixed with some sort of tenant identifier.

For example, if you have a customer table you could prefix it with the tenant name

Client1_Customer
Client2_Customer

Lightspeed has a built in naming strategy called the DefaultNamingStrategy which can be replaced with your own implementation of INamingStrategy. All you need to do is implement GetTableName so that you can identify the current tenant and select the corresponding table name.

Rohan West
  • 9,262
  • 3
  • 37
  • 64
1

I've discovered a great feature in LightSpeed called QueryFilterAttributes. I can create an organisational query filter attribute which will let an organisation ID be injected into a query much like LightSpeed's native soft delete.

Very slick.

Scott McKenzie
  • 16,052
  • 8
  • 45
  • 70