Multi Tenancy within multi tenancy
Hi!
Has anyone ever tried to chain tenancies?
Like each customer has departments that have projects that have resources.
Departments should only have access to their projects.
Any ideas how to do that successfully and secure?
Thank you!
1 Reply
My first thought would be to scope the queries on the list pages (e.g. ListProjects, scoped by the user's department) and then implement some extra Authorization rules on the edit pages (prevent unauthorized access by direct URL).