Hello,
I need to develop a multi-company application.
The user must login and select the company with which wants to work.
If I’m not mistaken, there are 2 options:
1.- Create a single multi-company database
2.- Create as many databases as companies have and change the connection to databases dynamically.
The problem I see in this case is how to implement the scriptcase security system.
I will appreciate help on this issue.
If the user is logging into the system and then selecting a company from a list, I would do a combined database with the login directing the user to the business selection application.
In the Scriptcase generated security folder, edit the app_secLogin program and under Events, onValidateSuccess use the sc_redir option to direct the user to the appropriate app.
Hope this helps
Hi @quality
You can use only one database with a field company id in the tables you need to filter by. If you want to make a Saas system for example, you can have a main admin and then a company admin. So you can manage the security by company. When the super admin creates a Company, also create a company admin, who can create the company users, always with the company id.
I have many systems like this.
Is not necessary to specify the company at login, because the user is linked to one. So the system knows user/company but you must validate the user name and the email to be unique.
Regards.
If the companies are unrelated, I would not put the data in one database based on some company identification but use separate databases. That way, you will never have a situation where users are looking at the wrong data, which might encounter privacy issues. (ie. in case of a query error etc,) Of course, you have the disadvantage of having multiple RBA instances, but I would take that disadvantage. Data leaks are a serious issue in the EU, with strict privacy laws. If you want just one login screen, then the option is to ask for the company, to make separate urls or use a master database to store userid’s with company and keep those unique.
Thanks for your comments.
In this case it is the same customer with different companies.
The simple solution is what @gbillot3 comments, a single database with one id per company but it is true that due to an error some sql query can slip through and retrieve information that the worker should not see.
The safest solution is the one indicated by @aducom, but the problem comes if the client has many companies.
It is not optimal to maintain x databases with the same forms.
I will think about it.
You must create a good design for your database support multi companies. so you create just one project for all your clients. that apply for you security module too.
For many companies for one customer, I prefer one database. You must be tidy to add the company id in all tables you need in order to filter grids, selects, etc.
Good luck!
Yes, I agree with that! Use this advice, because it is easier to maintain data and data privacy.
All my projects are multi-company and I have tried using both the options.
The difference is that if your data volume is high, then there should be a separate database, otherwise it becomes very slow.
If the data volume is less then keeping it in single database with company id is fine, but when there are too many companies then it also becomes slow.
For this reason, I think it is better to have a separate database, in which you can provide company-wise user and security rights, and each company’s user will be different.
But in this, when you will create a new company, at that time you will have to create a new database and all the tables will also have to be created.
Thank you all
@AmitGK, If I use the separate databases option, can I use a single development?
Could I use the same apps and should I just change the connection depending on the company selected?
Yes you can use a single development and change the connection depending on the company selected and using some global variables like company id, database name, database username etc…