The need
Q: Why do we need the option to allow tenant's to create their own roles?
A: So that they can correlate their business roles with the SaaS application roles rather than try to create a mental map of what business role maps to which application role
Q: It seems quite useful, but how much of an effort is this?
A: Though it seems to be a little more work, it is quite simple. This post will walk through how to build and use this model.
Database Design
Roles (id, name, description, createdby, createdon, updatedby, updatedon, status/isActive)
This table allows all the roles to be at the global level. There will be another table called as Tenant Role which map the roles against the tenant's
TenantRoles(id, tenantId, roleId, mappedby, mappedon, updatedby, updatedon, status/isActive)
In this table, we are mapping the roles to the tenants. Remember if the tenant has his own database, in that case, we can use only `Roles` table with all the tenant specific role
Illustration of the above logic to visualize how the tenant role are mapped
Comments
Post a Comment