Coalesce icon indicating copy to clipboard operation
Coalesce copied to clipboard
verified publisher icon IntelliTect

template: Tenancy

Open ascott18 opened this issue 1 year ago • 1 comments 

### Tasks
- [x] Switching: Choose tenant screen
- [x] Invitations: Generate link
- [x] Invitations: landing page for invitation link. Use existing account (MVP), or sign in with external (MVP), or create local account (future)
- [x] Self-service: tenant creation
- [x] Switching: link to switching page from top-right menu
- [ ] Hostname: middleware to set tenantID from host name
- [ ] Hostname: tables for hostnames
- [ ] Hostname: send correct hostname in invitation links
- [x] Global Admin: All-tenant admin area
- [x] Global admin: Create tenants
- [ ] ~~Global admin: Add users to tenants~~
- [x] Handle audit logs

ascott18 avatar Sep 11 '24 20:09 ascott18

Use Cases

  • Tenant decided per domain. No tenant switching, no determination based on user source (AAD/Google). Used for sites that have a public, unauthenticated aspect to them so that public users can be routed to a specific tenant.
    • ❤Users are explicitly invited to tenant (Goat)
    • 💜OR users are permitted to freely sign up to that tenant, or link their existing account to that count
  • Single domain. Can switch between tenants with a dropdown, maybe prompted on sign-in. Options:
    • 💙Tenant strictly tied to external sign in, tenants either created automatically based on external provider or explicitly created by "super admin" or a sign-up form. (Myriad, Wiki, STC)
    • 💛Tenant membership granted by being invited by an existing admin within that tenant, or by the "super admin" (AIS, CWA)
    • 💚Hybrid: 💛 + Automatic membership to home tenant. (Myriad desired)

Options (each actual template flag marked with ⭐, not all combinations are valid)

  • ⭐Base
    • Tenant table
    • TenantMembership table (User-Tenant many-to-many)
    • AppUser { bool IsGlobalAdmin }
    • Global query filter & save interceptor
    • TenantBase class
  • Membership:
    • ⭐Invitations from admins within the tenant
    • ⭐Invitations from Global Admin
    • ⭐Self-service sign-up or link existing account
    • ⭐Implicit from AAD/GSuite
  • ⭐Tenant decided by:
    • hostname
    • switching/prompt
    • future: path segment
  • Tenant creation:
    • ⭐Self-service sign-up form
    • ⭐Automatic from AAD/GSuite
    • ⭐super admin

ascott18 avatar Sep 13 '24 19:09 ascott18