On 15 April 2016 at 12:17, Eduardo Leones <edua...@ypytecnologia.com.br> wrote:
> I am developing a system in which my clients are companies. Every company
> needs to have its isolated from other business data.

google for "multi-tenant" web applications.  warning: there are quite
strong opinions about how it should be done.

in particular, there's lots of advice of setting a separate database
for each tenant.  It does have some advantages, but in practice it's
not easy to do in Django.


> My reasoning is to register each client (company) as a group within the
> Django auth system. Users of them would be users connected to this group.

Yes, this can work.  Personally, instead of reusing the Group table, I
tend to create a specific 'Company' table, and add a 'company' foreign
key to users.  The reasoning is that you _will_ have other groups that
are not companies (maybe internal divisions, or for access-level
privileges, whatever), and then you have the problem of separating two
kinds of groups.


> This line of thinking is correct? There is a decorators to limit access to
> the Group as a whole? In part of the Model link the data to a group is a
> good practice?

Make sure that every record can be traced to a specific Company, some
of them because they're linked to a User, or maybe by a direct
'company' link.  Then be _absolutely_ sure that every database query
includes a company condition.

something like this:

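from django.contrib.auth.decorators import login_required
from django.shortcuts import get_object_or_404

@login_required
def getsomething(request, id):
    # Thing is the app's model; the lookup is limited to the user's company
    thing = get_object_or_404(
        Thing, department__company=request.user.company, id=id)
    # .... build response ...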


It's tempting to put the "current" company somewhere and patch all
requests to include that, but it gets very complex quickly, and also
you get the problem of managing what in effect is a global variable.
not worth it.


-- 
Javier
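
Added example, not part of the original message: the "company condition on every query" rule from the reply above, written directly in SQL with Python's sqlite3 so it runs without a Django project. The schema, sample rows and function names are constructed for illustration; only the Thing -> department -> company chain comes from the snippet in the message.

```python
import sqlite3

def make_db():
    """Constructed sample data: two companies, one department and one thing each."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE company    (id INTEGER PRIMARY KEY, name TEXT);
        CREATE TABLE department (id INTEGER PRIMARY KEY,
                                 company_id INTEGER REFERENCES company(id));
        CREATE TABLE thing      (id INTEGER PRIMARY KEY, label TEXT,
                                 department_id INTEGER REFERENCES department(id));
        INSERT INTO company    VALUES (1, 'Acme'), (2, 'Globex');
        INSERT INTO department VALUES (10, 1), (20, 2);
        INSERT INTO thing      VALUES (100, 'acme invoice', 10),
                                      (200, 'globex invoice', 20);
    """)
    return db

class NotFound(Exception):
    """Stands in for the Http404 raised by get_object_or_404."""

def get_thing_unscoped(db, thing_id):
    # Missing company condition: any logged-in user can read any tenant's row.
    row = db.execute("SELECT label FROM thing WHERE id = ?", (thing_id,)).fetchone()
    if row is None:
        raise NotFound(thing_id)
    return row[0]

def get_thing_scoped(db, user_company_id, thing_id):
    # SQL equivalent of department__company=request.user.company, id=id
    row = db.execute(
        """SELECT t.label FROM thing t
           JOIN department d ON d.id = t.department_id
           WHERE t.id = ? AND d.company_id = ?""",
        (thing_id, user_company_id),
    ).fetchone()
    if row is None:
        # Same answer for "does not exist" and "belongs to another company",
        # so the response does not reveal which ids exist in other tenants.
        raise NotFound(thing_id)
    return row[0]

def can_read(db, user_company_id, thing_id):
    """True only when the thing belongs to the user's own company."""
    try:
        get_thing_scoped(db, user_company_id, thing_id)
        return True
    except NotFound:
        return False
```

The same pair of calls makes a useful regression test for every view: request an id owned by a second company and assert that the response is a 404.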
