Tenant and Tenant Roles

[akudjawu]

Hi @JonPSmith

I am currently working on a SaaS application where multiple tenants, such as Tenant A and Tenant B, have their own distinct sets of roles. My objective is to ensure that each tenant can only access and manage their own set of roles, while preventing them from viewing or accessing roles belonging to other tenants.

1. Tenant A -
   - Role A
   - Role B
   - Role C

2. Tenant B -
   - Role Y
   - Role E
   - Role C

Can I please archive this with current version of AuthP

I have actually tried but it, if I create any role with the RoleType => Normal it shows everywhere and I see a schema table RoleToPermissionTenant but no data is stored

[JonPSmith]

Hi @akudjawu,

The AuthP library provides a feature known as "Setup the “sign up / versioning” which adds tenant roles when creating a tenant. This allows a user to select the right balance of features against the price. The article "Multi-tenant apps with different versions can increase your profits" shows how you can create tenants with different Roles (see this section in the article).

But the limitation is that the SignInAndCreateTenant code is the only way to create a tenant which has tenant roles, but that isn't what you want to do. Tell me what to what to do and I will see if I can fine and suggestions.

[akudjawu]

Hi @JonPSmith

I've created 5 different tenants, and everything is fine. But if one of the tenant admins or a tenant user with permission creates a new role, all 5 tenants can see that new role. I don't want this. I want each tenant to have roles that are separate and not shared with the other 4 tenants.

[JonPSmith]

HI @akudjawu,

I said in my last comment that tenant roles are only be added when creating a new tenant, so you can't add new tenant roles to an existing tenant. This was done for the the "sign up / versioning" feature.

Also the design assumes that tenant admins CANNOT create Roles. That's because the person who creates a Role has access to all the Permissions, which allow a user to to gain access to features such as deleting a tenant, read another tenant's data etc. So, in my examples only a app admin can create Roles.

As I said before, tell me what type of of multi-tenant application you are trying to create and I will see if I can find any suggestions. I can't quite see why you want to create a multi-tenant app which gives tenant admins too much power. This design of the AuthP is to allow a tenant admin to control the user in their tenant via the Roles that the app admin or "sign up / versioning" provides.

[JonPSmith]

I was working on the AuthP code ready for .NET 8 and I checked on the tenant Roles part and here is corrections to my previous comments.

1. You CAN add / change tenant roles to a tenant via the UpdateTenantRolesAsync(int tenantId, List<string> newTenantRoleNames). See [this section](UpdateTenantRolesAsync(int tenantId, List newTenantRoleNames)) in the docs. However, tenant Roles can be applied to ANY tenant so you can't create a tenant Role that can only applied to one tenant. You would need to create your own code to hold which tenant Role are linked to which tenant.
2. I don't recommend it (even the comment on the code says so), but you could allow a tenant admin to create a tenant Role, but you have be very careful. You would need to:
   • Set the Permission's AutoGenerateFilter = true on Permissions that a tenant admin should have to. See this section in the "Permissions explained" documentation.
   • The IAuthRolesAdmin service has a method GetPermissionDisplay(bool excludeFilteredPermissions, string groupName = null) and if you set the excludeFilteredPermissions to true, then all the Permissions with the AutoGenerateFilter set to true won't be shown.

Sorry I didn't provide the right information in the first case, but I haven't worked on that section for over a year. I'm also think that the security of the tenant data is paramount, so I am warily of giving too much features to tenant admin users.

[akudjawu]

Not to worry at all and thanks for the clarity. I now understand clearly. It makes sense, and I appreciate the emphasis on security. I had considered the approach of 'creating your own code to hold which tenant roles are linked to which tenant,' but your explanation helps me grasp the thought process behind it.

I completely agree with your cautious approach to providing too many features to tenant admin users, as the security of tenant data is paramount. Thanks again for your help and insights.

Nevertheless, do you think "create your own code to hold which tenant Role are linked to which tenant." is a possible feature consideration or you had reasons not embarking on this.

I could try a PR sometime in the future if there was no reason and might fit a typical use case per your road map.

[JonPSmith]

'creating your own code to hold which tenant roles are linked to which tenant,'

I was asked how to add new parameters / data to the AuthP library and you can do this by creating a new DbContext to hold your own data. See my explanation on how you can do that.

I would be interested in the use case for your "Role per Tenant" feature, because I can't see why its useful. For me your "Role per Tenant" feature does not fit with the design / structure of the AuthP library, but you may know something I haven't thought of.