FEAT: use new database connection per tenant

Author: sru-thy

src/authorization/entity/abstract.tenant.entity.ts

@@ -4,7 +4,7 @@ import BaseEntity from './base.entity';
 class AbstractTenantEntity extends BaseEntity {
   @Column({
     type: 'uuid',
-    default: () => "current_setting('app.current_tenant')",
+    default: () => "current_setting('app.tenant_id')::uuid",
   })
   public tenantId!: string;
 }

src/authorization/repository/base.repository.ts

@@ -1,7 +1,56 @@
 import { DataSource, EntityTarget, ObjectLiteral, Repository } from 'typeorm';
+import { getConnection } from '../../util/database.connection';
 
 export class BaseRepository<T extends ObjectLiteral> extends Repository<T> {
+  private entityClass: any;
+
   constructor(entity: EntityTarget<T>, dataSource: DataSource) {
     super(entity, dataSource.createEntityManager());
+    this.entityClass = entity;
+  }
+
+  protected async getDynamicRepository(): Promise<Repository<T>> {
+    const connection = await getConnection();
+    return connection.getRepository(this.entityClass.name);
+  }
+
+  async find(options?: any): Promise<T[]> {
+    const repository = await this.getDynamicRepository();
+    return repository.find(options);
+  }
+
+  async findOne(options: any): Promise<T | null> {
+    const repository = await this.getDynamicRepository();
+    return repository.findOne(options);
+  }
+
+  async findOneOrFail(options: any): Promise<T> {
+    const repository = await this.getDynamicRepository();
+    return repository.findOneOrFail(options);
+  }
+
+  async findOneBy(options: any): Promise<T | null> {
+    const repository = await this.getDynamicRepository();
+    return repository.findOneBy(options);
+  }
+
+  async update(criteria: any, partialEntity: any): Promise<any> {
+    const repository = await this.getDynamicRepository();
+    return repository.update(criteria, partialEntity);
+  }
+
+  async delete(criteria: any): Promise<any> {
+    const repository = await this.getDynamicRepository();
+    return repository.delete(criteria);
+  }
+
+  async softDelete(criteria: any): Promise<any> {
+    const repository = await this.getDynamicRepository();
+    return repository.softDelete(criteria);
+  }
+
+  async count(options?: any): Promise<number> {
+    const repository = await this.getDynamicRepository();
+    return repository.count(options);
   }
 }

src/authorization/service/entity.service.ts

@@ -15,6 +15,7 @@ import { EntityPermissionRepository } from '../repository/entityPermission.repos
 import { PermissionRepository } from '../repository/permission.repository';
 import { EntityServiceInterface } from './entity.service.interface';
 import { ExecutionManager } from '../../util/execution.manager';
+import { getConnection } from '../../util/database.connection';
 
 @Injectable()
 export class EntityService implements EntityServiceInterface {
@@ -61,8 +62,8 @@ export class EntityService implements EntityServiceInterface {
     if (!existingEntity) {
       throw new EntityNotFoundException(id);
     }
-
-    await this.dataSource.manager.transaction(async (entityManager) => {
+    const entityManager = (await getConnection()).manager;
+    await entityManager.transaction(async (entityManager) => {
       const entityRepo = entityManager.getRepository(EntityModel);
       const entityPermissionRepo = entityManager.getRepository(
         EntityPermission,

src/database/database.module.ts

@@ -2,7 +2,6 @@ import { Module } from '@nestjs/common';
 import { TypeOrmModule } from '@nestjs/typeorm';
 import { ConfigModule, ConfigService } from '@nestjs/config';
 import { SnakeNamingStrategy } from 'typeorm-naming-strategies';
-import { ExecutionManager } from '../util/execution.manager';
 
 @Module({
   imports: [
@@ -23,18 +22,6 @@ import { ExecutionManager } from '../util/execution.manager';
         namingStrategy: new SnakeNamingStrategy(),
         synchronize: false,
         logging: true,
-        extra: {
-          poolMiddleware: async (query: string, params: any[]) => {
-            const tenantId = ExecutionManager.getTenantId();
-            if (tenantId) {
-              return [
-                `SELECT set_config('app.tenant_id', ${tenantId}, false) ${query}`,
-                params,
-              ];
-            }
-            return [query, params];
-          },
-        },
       }),
     }),
   ],

src/middleware/executionId.middleware.ts

@@ -16,7 +16,7 @@ export class ExecutionContextBinder implements NestMiddleware {
         }
         next();
       } catch (error) {
-        next(error);
+        next();
       }
     });
   }

src/migrations/1733833844028-MultiTenantFeature.ts

@@ -104,9 +104,33 @@ export class MultiTenantFeature1733833844028 implements MigrationInterface {
       CREATE POLICY tenant_isolation_policy ON "entity_permission"
         USING (tenant_id = current_setting('app.tenant_id')::uuid);
       `);
+    await queryRunner.query(`
+      ALTER TABLE "entity_permission" ALTER COLUMN "tenant_id" SET DEFAULT current_setting('app.tenant_id')::uuid;
+      ALTER TABLE "group" ALTER COLUMN "tenant_id" SET DEFAULT current_setting('app.tenant_id')::uuid;
+      ALTER TABLE "group_permission" ALTER COLUMN "tenant_id" SET DEFAULT current_setting('app.tenant_id')::uuid;
+      ALTER TABLE "entity_model" ALTER COLUMN "tenant_id" SET DEFAULT current_setting('app.tenant_id')::uuid;
+      ALTER TABLE "role" ALTER COLUMN "tenant_id" SET DEFAULT current_setting('app.tenant_id')::uuid;
+      ALTER TABLE "group_role" ALTER COLUMN "tenant_id" SET DEFAULT current_setting('app.tenant_id')::uuid;
+      ALTER TABLE "role_permission" ALTER COLUMN "tenant_id" SET DEFAULT current_setting('app.tenant_id')::uuid;
+      ALTER TABLE "user" ALTER COLUMN "tenant_id" SET DEFAULT current_setting('app.tenant_id')::uuid;
+      ALTER TABLE "user_group" ALTER COLUMN "tenant_id" SET DEFAULT current_setting('app.tenant_id')::uuid;
+      ALTER TABLE "user_permission" ALTER COLUMN "tenant_id" SET DEFAULT current_setting('app.tenant_id')::uuid;
+    `);
   }
 
   public async down(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.query(`
+      ALTER TABLE "user_permission" ALTER COLUMN "tenant_id" DROP DEFAULT;
+      ALTER TABLE "user_group" ALTER COLUMN "tenant_id" DROP DEFAULT;
+      ALTER TABLE "user" ALTER COLUMN "tenant_id" DROP DEFAULT;
+      ALTER TABLE "role_permission" ALTER COLUMN "tenant_id" DROP DEFAULT;
+      ALTER TABLE "group_role" ALTER COLUMN "tenant_id" DROP DEFAULT;
+      ALTER TABLE "role" ALTER COLUMN "tenant_id" DROP DEFAULT;
+      ALTER TABLE "entity_model" ALTER COLUMN "tenant_id" DROP DEFAULT;
+      ALTER TABLE "group_permission" ALTER COLUMN "tenant_id" DROP DEFAULT;
+      ALTER TABLE "group" ALTER COLUMN "tenant_id" DROP DEFAULT;
+      ALTER TABLE "entity_permission" ALTER COLUMN "tenant_id" DROP DEFAULT;
+    `);
     await queryRunner.query(`
       DROP POLICY tenant_isolation_policy ON "user";
       DROP POLICY tenant_isolation_policy ON "role";

src/util/database.connection.ts

@@ -0,0 +1,68 @@
+import { getConnectionManager, DataSource } from 'typeorm';
+import { SnakeNamingStrategy } from 'typeorm-naming-strategies';
+import { LoggerService } from '../logger/logger.service';
+import { ExecutionManager } from './execution.manager';
+
+/**
+ * Get connection based on the logged in tenant
+ * @returns connection
+ */
+
+export async function getConnection(): Promise<DataSource> {
+  const tenantName = ExecutionManager.getTenantId();
+  return getConnectionForTenant(tenantName);
+}
+
+export async function getConnectionForTenant(
+  tenantId: string,
+): Promise<DataSource> {
+  if (getConnectionManager().has(tenantId)) {
+    const con = getConnectionManager().get(tenantId);
+    const existingConnection = await Promise.resolve(
+      con.isConnected ? con : con.connect(),
+    );
+    await switchToTenant(tenantId, existingConnection);
+
+    return existingConnection;
+  }
+
+  const newConnection: DataSource = await new DataSource({
+    name: tenantId,
+    type: 'postgres',
+    host: process.env.POSTGRES_HOST,
+    port: Number(process.env.POSTGRES_PORT),
+    username: process.env.POSTGRES_USER,
+    password: process.env.POSTGRES_PASSWORD,
+    database: process.env.POSTGRES_DB,
+    entities: [
+      __dirname + '/../**/*.entity.ts',
+      __dirname + '/../**/*.entity.js',
+    ],
+    synchronize: false,
+    logging: ['error'],
+    namingStrategy: new SnakeNamingStrategy(),
+    extra: { max: process.env.POSTGRES_TENANT_MAX_CONNECTION_LIMIT },
+  }).initialize();
+
+  await switchToTenant(tenantId, newConnection);
+
+  return newConnection;
+}
+
+const switchToTenant = async (
+  tenantId: string,
+  connection: DataSource,
+): Promise<void> => {
+  try {
+    await connection.query(`select set_config('app.tenant_id', $1, false)`, [
+      tenantId,
+    ]);
+  } catch (error) {
+    const logger = LoggerService.getInstance('bootstrap()');
+    logger.error(
+      `Failed to switch to tenant: ${tenantId}, error: ${JSON.stringify(
+        error,
+      )}]`,
+    );
+  }
+};