Search code examples
firebasedatabase-designgoogle-cloud-firestoredatamodel

How would one create a multitenant datamodel in a nosql solution like firestore?

What do I mean by multi-tenant?

  1. Users can belong to an organization.
  2. A user who signs up without any invitation from anyone, gets placed in their own organization (blah123) as its admin.
  3. Multiple such users are founders of their own single organization in the same firestore based application. They can invite others and those invited join the founder's organization.
  4. Any data created for the organization or any data created by the users of that organization should be segragated from the users of another organization.
  5. If we want, we should be able to configure the users that belong to the same organization to view any data that other users of that organization created.

Question

As an expert, do you think this is an impossible datamodel to design for Cloud Firestore? What would a datamodel that can do this, look like?

Solution

  • As an expert, do you think this is an impossible datamodel to design for firestore?

    Definitely is not impossible, actually is very simple.

    What would a datamodel that can do this, look like?

    A possible database schema for your use-case might be:

    Firestore-root
   |
   --- users (collection)
   |    |
   |    --- uid (document)
   |         |
   |         --- organizations: ["organizationId", "organizationId"] (array)
   |         |
   |         --- //Other user properties
   |
   --- organizations (collection)
         |
         --- organizationId (document)
                |
                --- users: ["uid", "uid"] (array)
                |
                --- //Other organization properties
                |
                --- organizationData (collection)
                      |
                      --- organizationDataId (document)
                             |
                             --- //Organization Data properties

    Users can belong to an organization.

    As you can see, the id of the user is added in users array which is a property within each organizationId document. Beeing an array, you can add all user ids of all users that are apart of that particular organization.

    A user who signs up without any invitation from anyone, gets placed in their own organization (blah123) as its admin.

    Once a user signs up, you create a new organization by generating a new organizationId and add user's in users array.

    Multiple such users are founders of their own single organization in the same firestore based application. They can invite others and those invited join the founder's organization.

    Answered above.

    Any data created for the organization or any data created by the users of that organization should be segragated from the the users of another organization.

    As you can see, I have created a subcollection named organizationData under organizationId document in which you can add as documents organization data. Because you already have the uid's of the user that are apart of this organization, you can simply use Firestore security rules to allow only those users to read that data.

    If we want, we should be able to configure the users that belong to the same organization to view any data that other users of that organization created.

    In that case, when a user joins an organization you should first get all the user objects of that organizations, then query the database to get all the organizations that those users are apart of and copy the uid in all those organizations.

    That's it :)