We have an application which is multi-tenant (lots of users all accessing their own

Question

0

Asked: May 18, 20262026-05-18T05:47:29+00:00 2026-05-18T05:47:29+00:00

We have an application which is multi-tenant (lots of users all accessing their own

0

We have an application which is multi-tenant (lots of users all accessing their own data, similar to something like Basecamp).

Question is, what is the simplest and easiest way in Rails to ensure that users can only see their own accounts data? Is it a case of going and checking every single query?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-18T05:47:29+00:00

Editorial Team

2026-05-18T05:47:29+00:00Added an answer on May 18, 2026 at 5:47 am

A way to make that happen:

Use subdomains, so its customer.domain.com …. Then in your Application controller, have a before filter that will find the subdomain and set a @customer variable
Always get data from the customer, so you say @customer.quotes.find(params[:id]) … rather than Quote.find(params[:id])

So, yes, in a multi-tenant database, you need to check every query.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

We have an application which is multi-tenant (lots of users all accessing their own

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply