hi guys,
i'm busy designing features and code patterns and have a question about how to approach a multi-tenant build where different tenants have access to different features.
i.e.
features available [sales, orders, customers, messages] which means relevant pages and menu paths
tenant 1 for some reason has acces to only [sales, orders]
while tenant 2 has access to all features.
what would the best design approach here ???
i'm guessoing...
a- perform an EF staging migration to put all roles in each tenant the DB
b- enable / disable roles available to each tenant using a "super" admin user
c- restrict access to role management to a "super" admin user
d- allow users to map roles as erquired
is there a better method already established in Radzen ?
So i have been thinking about this and perhaps the simplest way to control role access is to use a combination of startup services and the tenant database.
by adopting a common ASPNET user access data schema, we could write a common set of roles with common ID's etc.
then in the tenant settings in appsettings.json have an array of available features.......
during startup i.e. deployment, have a little service run through each tenant, checking the database roles vs the requriements configured in app settings..... if the appsettings role = true or exists, then create the role (if it's doesnt exist) in the tenand DB
if the role = false in app settings, remove it if it exists, otherwise do nothing.
then in the application UI remove the role management pages....
thoughts?