How to design a multi-tenant application
The example application below is a single HR-application that can be used by different companies (clients) at the same time. You don’t want employees of one company to be able to see or process the data of other companies. The system administrator must be able to see and manage all data in the system.
The system administrator is not an employee of a client company. A simple way to identify a system administrator is to use a flag in the data item User.
Create the flag System admin in the data item User.
In all flows that process employees, you must create filters that make sure a user can only process employees of his/her own company, unless the user is the system administrator.
The system administrator will see this:
A manager from ACER will see this:
The HP manager will see this:
Go to Design.
Open the user flow (in this example: Employees).
Open the overview page.
Proceed to the screen where you can define a filter.
Select Apply a filter.
Create this filter: the company of the current user = the company of the employee OR the current user is system administrator.
This means that a user will only see his colleagues. Except when the user is system admin, then there is no filter and he/she will see all employees.
Flow parts filter
Be aware that flow parts must know for which company they have to ‘work’.
Create an input containing the company.
The user flow where the flow part is included, provides the company: it is the company of the user.
Make sure that the system administrator cannot start such a flow part (e.g., a raise should only be applied to the employees of a single company and not to all employees in the system). The easy way to do that: set a filter on the button that calls the flow part.
Now the button only appears if the user is not a system administrator.
Create the input Company. It gets the input from the user flow.
Create a lookup for all employees of this company.
Perform the necessary actions, for instance, by creating a repeat action.