Home
Blog
Rails Admin And Multitenancy

Rails Admin And Multitenancy

・2 min read
Rails Admin And Multitenancy

You may also like:

Design SaaS Product: 4 Reasons Why You Should Choose Ruby On Rails Framework

Design SaaS Product: 4 Reasons Why You Should Choose Ruby On Rails Framework

Read more

RAILS ADMIN VS. MULTITENANCY

Recently I started changing our single-tenant app into a multi-tenant one. Everything was going well until I stuck upon Rails Admin. As we all know, Rails Admin is a great tool to administer your data, among other gems like Administrate or Active Admin.

The challenge with Rails Admin I had was about scoping down the data so that given user sees data only from his tenant. I saw an issue on Github and unfortunately Rails Admin by default does not have an ability to add scopes with parameters. For instance, right now it is impossible to create an ActiveRecord scope to which we pass current user: That gave me an idea that maybe instead of adjusting the gem to handle the additional argument, I could create my logic for authorization. As I thought about it, I started walking through the CanCan authorization logic. Fortunately. The authorization logic was quite easy to understand and had some comments. I took an inspiration from the code and based on this, I created my own authorization, which is used for multi-tenancy.

IMPLEMENTATION OF MULTI-TENANT AUTHORIZATION

Here are the steps to set up Rails Admin with multi-tenancy:

  • CREATE A MODULE WITH CLASS AUTHORIZATIONADAPTER, WHICH CONTAINS LOGIC FOR AUTHORIZATION:
    In my particular case, I had to limit the data scope by checking if given model is in user tenant.
  • ADD A MULTITENANT EXTENSION TO RAILS ADMIN
  • USE THE AUTHORIZATION IN RAILS ADMIN CONFIG
    EXPLORING RAILS ADMIN CODE

I walked through the code and I was even adjusting the dashboard and index action so it can pass the current user argument to the scope, but after rethinking the problem, I took a different approach.

While reading the code, I saw that Rails Admin supports two kinds of authorization systems: CanCan and Pundit.

That gave me an idea that maybe instead of adjusting the gem to handle the additional argument, I could create my logic for authorization. As I thought about it, I started walking through the CanCan authorization logic.

Fortunately. The authorization logic was quite easy to understand and had some comments. I took an inspiration from the code and based on this, I created my own authorization, which is used for multi-tenancy.


Rate this article:

4,5

based on 0 votes
Our services
See what we can create for You
Our services

Awards & Certificates

reviewed on
30 reviews
  • Top 1000 Companies Global 2021
  • Top Development Company Poland 2021
HR dream team
  • 2020 HR Dream Team Award
  • 2016 Employer Branding Featured
  • 2015 HR Dream Team Award
ISO CertificateISO Certificate
  • Information Security Management System compliant with PN-EN ISO/IEC 27001
  • Business Continuity Management compliant with ISO 22301