from Hacker News

Building secure Multi-tenant applications in Elixir

by sheharyarn on 3/29/21, 1:20 PM with 3 comments

  • by sheharyarn on 3/29/21, 1:41 PM

    This obscure little feature in Ecto/Elixir is something we've been using at Slab.com for about a year. While the blog post only covers the feature itself, I wanted to give a better overview of *WHY* we're using it.

    Slab is a multi-tenant Phoenix app where all tables in our database, including pivot tables, have an `org_id` foreign key that references the team the data belongs to. Using association defaults enforces that the correct `org_id` value is automatically set for all resources.

    We combine this with an `OrgRepo` module that wraps around our default `Repo`, which can only write or read other resources with the same `org_id`, ensuring that data for one team has no possibility of accidentally leaking to another team (using `Repo` is forbidden in our codebase).

    An added bonus is; when we eventually have to scale our databases via something like sharding and have to vertically partition the data based on `org_id`, we would already have this system in place to support us.

  • by nickjj on 3/29/21, 7:23 PM

    I'd be curious how this compares to Ecto.Repo.prepare_query/3 at https://hexdocs.pm/ecto/multi-tenancy-with-foreign-keys.html... which sets you up for foreign key based multi-tenancy that can be enforced automatically in most common cases.

    Is your strategy meant to be an alternative to prepare_query?