Multi-tenancy with Rails

MULTI-TENANCY AND RAILS ,[object Object],RedDotRubyConf – Singapore 22-Apr-2011

Why do I care about this? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Paul Gallagher [email_address] evendis.com personal: tardate.com twitter.com/tardate

A long time ago in a galaxy far, far away…. ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Multi-tenancy ,[object Object],[object Object],[object Object],[object Object]

Tenancy Models Social networks, LBS, Web 2.0 MSP/ASP, PaaS, IaaS Business, Enterprise 2.0, SaaS The same idea can manifest itself across the continuum – depending how you approach it

Tenancy Models Social networks, LBS, Web 2.0 MSP/ASP, PaaS, IaaS Business, Enterprise 2.0, SaaS Hardware/infrastructure challenge Application architecture challenge Explicit Rails support.. ..but our usage increasingly extends here

Key Concern: Data Partitioning

Four Data Partioning Techniques.. ,[object Object],[object Object],[object Object],[object Object],[object Object]

Instance Provisioning ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],The Infrastructure Engineer’s solution

RBAC Partitioning ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],User Model Query scoped by permissions The “I just groked CanCan and it’s awesome” solution

RBAC Partitioning ,[object Object],[object Object],[object Object],[object Object],[object Object],class Ability include CanCan::Ability def initialize(user) … # include nil so we can handle :new can :manage, Project, :tenant_id => [user.tenant_id, nil] … end end # then we can.. Project.accessible_by(Ability.new(current_user)) class ProjectsController < InheritedResources::Base prepend_before_filter :authenticate_user! load_and_authorize_resource # that’s all folks! end Proxy data access thru one model (user/tenant)

Model Partitioning ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],users projects The Software Architect’s solution id tenant_id name … id tenant_id name …

Model Partitioning ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

gem install multitenant ,[object Object],[object Object],class Account < ActiveRecord::Base has_many :users has_many :projects end class User < ActiveRecord::Base belongs_to :account belongs_to_tenant :account end class Project < ActiveRecord::Base belongs_to :account belongs_to_tenant :account end def belongs_to_tenant(association = :tenant) include DynamicDefaultScoping […] default_scope :scoped_to_tenant, lambda { return {} unless Multitenant.current_tenant where({reflection.primary_key_name => Multitenant.current_tenant.id}) } end I think I’d prefer this to return where('1=0')

gem install multitenant ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],# get a user user = User.find(1) => #<User id: 1, name: "a1-u1", account_id: 1 ..> # set the current tenant Multitenant.current_tenant = user.account => #<Account id: 1, name: "one” ..> # now model access is scoped Project.count => 2 # but we can bypass if we do so explicitly Project.unscoped.count => 4 # also, scoping bypassed if tenant not set Multitenant.current_tenant = nil Project.count => 4

gem install multitenant ,[object Object],class Project < ActiveRecord::Base belongs_to :account belongs_to_tenant :account validates_uniqueness_of :name, :scope => :account_id end

gem install multitenant class User < ActiveRecord::Base belongs_to :account belongs_to_tenant :account belongs_to :project end = simple_form_for [user] do |f| = f.error_messages = f.input :name = f.association :project user = User.find(1) => #<User id: 1, name: "a1-u1", account_id: 1 ..> Account.find(2).projects.first.id => 3 # set the current tenant Multitenant.current_tenant = user.account Project.where(:id => 3).present? => false # but we can still assign an inaccessible project: user.update_attributes(:project_id => 3).valid? => true # we can’t access the association user.project => nil # but the invalid key is persisted user.project_id => 3 Since all tenant-related models are scoped, our app will display valid options to the user But what if someone sneaks in with some form-injection?

gem install multitenant ,[object Object],class User < ActiveRecord::Base belongs_to :account belongs_to_tenant :account belongs_to :project validates_each :project_id do |record,attr,value| record.errors.add attr, "is invalid" unless Project.where(:id => value).present? end end

Schema Partitioning ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],See Guy Naor’s definitive presentation: confreaks.net/videos/111-aac2009-writing-multi-tenant-applications-in-rails Model AR::Connection PUBLIC TENANT1 TENANT2 TENANT n SET search_path TO TENANT2,PUBLIC; The “Now I’m using a real database let’s see what it can do” solution

Schema Partitioning User Queries Account Customer Project -- default search path: ‘$user’,PUBLIC PUBLIC

Schema Partitioning User Queries Account Customer Project PUBLIC User Account Customer Project TENANT1 SET search_path TO TENANT1, ‘$user’, PUBLIC;

Schema Partitioning User Queries Account Customer Project PUBLIC Customer Project TENANT1 SET search_path TO TENANT1, ‘$user’, PUBLIC;

Schema Partitioning ,[object Object],# default search path conn=ActiveRecord::Base.connection conn.schema_search_path => "amp;quot;$useramp;quot;,public" Project.count => 4 # but if we change the search path conn.schema_search_path = ”tenant1,public" Project.count => 2 public tenant1

Schema Partitioning ,[object Object],[object Object],[object Object],[object Object],[object Object]

Warez: gem install vpd ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],gem 'vpd' class ApplicationController < ActionController::Base protect_from_forgery before_filter :set_tenant def set_tenant schema_to_use = request.subdomains.last if schema_to_use.present? # now activate the schema (and make sure # it is migrated up to date) Vpd.activate(schema_to_use,true) else # ensure we are running with the default Vpd.activate_default end end end

Think about the End-user Experience My SaaS Site Tenant 1 Tenant 2 Tenant 3 Users Users Users

Think about the End-user Experience My SaaS Site Tenant 1 Tenant 2 Tenant 3 Users Users Users ,[object Object],[object Object],[object Object],[object Object]

Disambiguation ,[object Object],[object Object],[object Object],[object Object],[object Object]

Refactoring towards multi-tenancy ,[object Object],[object Object],[object Object],[object Object],[object Object]

Decide early ,[object Object],[object Object],[object Object],YAGNI! Do the simplest thing possible!

‘ Productize’ ,[object Object],[object Object]

The Good News ,[object Object],[object Object],[object Object],[object Object],[object Object]

We need a ‘Rails Way’ ,[object Object],[object Object],create_table :widgets, scope => :all do |t| t.string :name t.timestamps end scope :only => :instance do add_column :projects, :private_attrib, :string end scope :except => :public do add_column :projects, :private_attrib2, :string end

Multi-tenancy with Rails

Recommended

Recommended

More Related Content

What's hot

What's hot (8)

Similar to Multi-tenancy with Rails

Similar to Multi-tenancy with Rails (20)

Recently uploaded

Recently uploaded (20)

Multi-tenancy with Rails

Editor's Notes