3. Multi‐Tenancy Approach

Multi-Tenancy Approach

This project uses a single-database multi-tenant approach. The database is divided into schemas, with each schema representing a tenant. The schemas are isolated from each other. Role-based access is implemented by using the TenantGuard and TenantService.

The following outlines the approach taken to implement multi-tenancy in this project:

1. Database Structure: This project uses a single database with separate schemas for each tenant, which is a flexible approach for multi-tenancy. Tenant-specific tables are to be created in separate schemas, while keeping shared tables (ie 'tenants') in the public schema.
2. Row-Level Security (RLS): RLS policies in Supabase are implemented to ensure data isolation between tenants. This project has created policies that filter data based on the tenant ID.
3. Custom Claims (not used in this project): Utilize custom claims in JWT tokens to store tenant-specific information. This can be used to enforce access control and data isolation at the application level.
4. Authentication and Authorization: The project uses Supabase Auth for secure authentication. Role-based access control (RBAC) is used to manage permissions within each tenant.
5. Tenant Isolation: Users can only access data belonging to their tenant. This project has implemented guards in Angular to enforce tenant isolation.
6. Performance Optimization: Indexing strategies have been emplyed for tenant-specific queries. Consider caching frequently accessed data to improve performance.
7. Scalability: The database schema and application architecture have been designed to support horizontal scaling. This project uses connection pooling to manage database connections efficiently.