0

I am having a problem with how will I correctly set the models of my rails application. I will use the gem Apartment for multi-tenancy and the gem Devise for authentication.

What I want to achieve is that I will have 3 user levels. The admin, owner, and user.

Basically, the admin handle all owners in the site, he can add, edit, and delete owners. Imagine that admin owns the whole website (https://example.com).

The owner will handle users, he can add, edit, and delete users. If the admin owns (https://example.com) then the owner only owns (https://owner1.example.com).

Each subdomain will have its own users handled by the owner. And all owners are handled by the admin.

What I have come up currently is having 2 models.

  • WebsiteAccount
  • UserAccount

WebsiteAccount will have subdomain and owner_name columns. UserAccount will have email, password, and user_level. Where user_level can be owner or user.

Then the Devise will be used on UserAccount model. The UserAccount model will only show data based on the subdomain.

Now the question is where does the admin account fall?

Do I create a separate model for it and also use Devise gem on that?

dcangulo
  • 1,888
  • 1
  • 16
  • 48
  • 1
    You're talking about a "superadmin", or an admin of all tenant applications. That's usually a regular user with a different flag, or membership to a "house account" that signifies superadmin status. – tadman Oct 31 '18 at 16:09

2 Answers2

0

I think you can work with same table and just adding role to each user, admin, owner and user (different table for roles or just boolean attribute for each one) and then just play with conditionals on this or some before_filter to validate that certain type of user can access to different views or run some actions. Doesn't seems too complicated.

xploshioOn
  • 4,035
  • 2
  • 28
  • 37
0

If you are using the apartment gem, you will need to create a new Devise user model for the 'admin' (e.g. AdminUser) and add that model to the config.excluded_models in your apartment config file: https://github.com/influitive/apartment#excluding-models. This will make AdminUsers records available at the top level domain. You can't just add a role to the UserAccount model because those records are scoped to each apartment 'tenant'.

You will also need to add WebsiteAccount to the config.excluded_models for apartment to allow those to be managed at example.com. This is assuming that you want WebsiteAccount to be your apartment 'tenants'.

To manage the UserAccount for each WebsiteAccount, you'll need to either manage that within each WebsiteAccount's subdomain, or do some tenant switching at example.com to gain access to and assign a UserAccount to a WebsiteAccount.

type-face
  • 1
  • 1
  • 1