Search code examples
authenticationauthorizationasp.net-core-webapimulti-tenant

Multi tenancy ASP.NET core

I'm trying to build ASP.NET core api where I have a few group of users. These groups have a common database, but from there they can only see the records assigned to them.

For example the user XYZ calling the controller returning the values from the Products table sees only those that were assigned to his group. And the same when he adds a new Product, only the users of his group see it, and other groups do not know about the existence of this Product.

I would like to ask you to explain to me how to do it in ASP.NET core, what libraries I could use, because unfortunately I don't know how to do it.

Thank you in advance for your help.

Solution

  • I don't think you need to search for a library or a framework to build this out, you can do the implementation as follows,

    • Create a table that reads as ProductPermissions
    • Make an entry for recordid, groupid, roleid in this table
    • After a user is assigned a group, the relevant tables should have the values like UserDetails, UserGroups, UserRoles etc
    • When I want to see the list of products that are accessible to me, I make a request to the GetProducts API.
    • The API gets my userid from the authentication process, roles and group ids
    • Now, you have to join the products table and the ProductPermissions table with the keys and filter by the groupid that I have been assigned.
    • The same logic applies for all the entity operations that I do, any action will be validated against the ProductPermissions table.

    Note

    In order to get a generic table than redundant ProductPermissions, you can have the table as EntityPermissions and then have the entityId (ex: Product, Category etc) as a column and that will be used a filter during joining so that you have a single table for all entities.