When logged in as the default host admin ([email protected]_, _1q2w3E*_), I am not able to see tenant users. I.e., the /api/identity/users endpoint returns only users whose tenant ID is also null, excluding users who indeed have a tenant ID.
Should I be creating functionality for this myself, like creating repositories that disable the multi-tenancy filter based on the user's role? Or, what is the correct way to handle this?
Basically, I need a "super admin" role that can do CRUD on all entities for all tenants.
duard-sf
All 5 comments
i think this is great idea
pranavpatil19
on 18 Nov 2019
this has been discussed in paid project repo. in fact it's not only the superadmin feature, but also shared Entities that should be seen by all tenants and stored in one shared database only. the team said they would implement it but never did. in fact, it is one of the reasons i stopped using the paid framework.
these are a basic scenario in SaaS business ... they just did not want to see it and instead, they concentrated on other minor changes that are often less important and not so critical.
Sorry for the not so positive comment but that is the truth. at least for my case.
scharada
on 18 Nov 2019
Thanks for the feedback. So I guess the only solution at the moment is to implement this manually.
duard-sf
on 19 Nov 2019
This is only possible when different tenant share the same database.
In my case, I create a middleware to disable multitenant datafilter when 'super admin' is detected.
app.UseMultiTenancy();
app.UseMiddleware<HostSideDisableTenantFilterMiddleware>();
public class HostSideDisableTenantFilterMiddleware
{
private readonly RequestDelegate _next;
private readonly ICurrentTenant _currentTenant;
private readonly ICurrentUser _currentUser;
private readonly IDataFilter<IMultiTenant> _multiTenantDataFilter;
private readonly ICurrentClient _currentClient;
public HostSideDisableTenantFilterMiddleware(RequestDelegate next, ICurrentTenant currentTenant,
ICurrentUser currentUser, IDataFilter<IMultiTenant> multiTenantDataFilter,ICurrentClient currentClient)
{
_next = next;
_currentTenant = currentTenant;
_currentUser = currentUser;
_multiTenantDataFilter = multiTenantDataFilter;
_currentClient = currentClient;
}
public async Task Invoke(HttpContext httpContext)
{
if (_currentUser.IsAuthenticated|| _currentClient.IsAuthenticated)
{
if (_currentTenant.Id == null)
{
using (_multiTenantDataFilter.Disable())
{
//Next
await _next(httpContext);
}
}
else
{
await _next(httpContext);
}
}
else
{
//Next
await _next(httpContext);
}
}
}
You can write your own logic to determine when to disable this filter
And I do not think it's a common case to see tenant data in host side for a Saas platform.
Goxiaoy
on 26 Dec 2019
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
![stale[bot] picture](https://avatars3.githubusercontent.com/in/1724?v=4&s=40)
stale[bot]
on 29 Jul 2020
Related issues
hikalkan
路
3Comments
hikalkan
路
3Comments
hikalkan
路
3Comments
SmallShrimp
路
3Comments
mehdihadeli
路
3Comments
Most helpful comment
this has been discussed in paid project repo. in fact it's not only the superadmin feature, but also shared Entities that should be seen by all tenants and stored in one shared database only. the team said they would implement it but never did. in fact, it is one of the reasons i stopped using the paid framework.
these are a basic scenario in SaaS business ... they just did not want to see it and instead, they concentrated on other minor changes that are often less important and not so critical.
Sorry for the not so positive comment but that is the truth. at least for my case.