Configuring Multi-Tenancy for a SaaS CRM
Hi everyone!
I am trying to understand the concepts of Accounts, Users, and AccountUsers (I disabled personal accounts). I simply need to make a system where one "admin" user can manage only their Account.
I can accomplish the latter with roles, but users can currently create accounts. I assume the current 'admin' role should be only given to people in my staff, since they can have multiple Accounts.
So would a good solution be to create a new role, maybe called superuser, that can do anything an admin can besides manage other Accounts? Then regular users under an account will already have the correct permissions.
Ideally, I would want the whole concept of Accounts to be hidden from the end-user. They should only work in their own organization. Whenever there is no subdomain, the website should really work as a simple static product page.
P.S. If someone could give me a clear explanation of Users vs AccountUsers, I would also be very thankful!
I am trying to understand the concepts of Accounts, Users, and AccountUsers (I disabled personal accounts). I simply need to make a system where one "admin" user can manage only their Account.
I can accomplish the latter with roles, but users can currently create accounts. I assume the current 'admin' role should be only given to people in my staff, since they can have multiple Accounts.
So would a good solution be to create a new role, maybe called superuser, that can do anything an admin can besides manage other Accounts? Then regular users under an account will already have the correct permissions.
Ideally, I would want the whole concept of Accounts to be hidden from the end-user. They should only work in their own organization. Whenever there is no subdomain, the website should really work as a simple static product page.
P.S. If someone could give me a clear explanation of Users vs AccountUsers, I would also be very thankful!
AccountUser connects a user to an Account.
If you look at the AccountUser table you'll see an
This allows a many-to-many relationship.
So for the "superuser" you mentioned, you could look at Account owner field. I think the tenant approach is,
If you look at the AccountUser table you'll see an
account_id and a user_id field. Without this join table users wouldn't be connected to accounts and accounts wouldn't be connected to users.This allows a many-to-many relationship.
So for the "superuser" you mentioned, you could look at Account owner field. I think the tenant approach is,
current_account_user.account_owner?.
Ah now I feel like I should've figured that out.. Thank you so much
Brent
. The account_owner field is also perfect for me. Any ideas on how to take Account creation out of the scope of a User? Would it be as simple as removing the actions and replacing the Accounts resource with a Users one?
Brent
Quick update!
I'm not sure if this is what you're looking for, but I found a boolean attribute
So I can create users (without creating a default account) by setting that boolean attribute
My use case is a bit different though. I have everything tenanted to the subdomain (even the user).
Not sure if that helps?
I'm not sure if this is what you're looking for, but I found a boolean attribute
skip_default_account in the models/concerns/user_accounts.rb file. So I can create users (without creating a default account) by setting that boolean attribute
true when I submit the form.My use case is a bit different though. I have everything tenanted to the subdomain (even the user).
Not sure if that helps?
Notifications
You’re not receiving notifications from this thread.