Organizations

Before we go into how Novel handles multi-tenancy, We'd love for you to check out this wonderful article by Andrew Culver, creator of Bullettrain, a rails starter kit

Novel comes with multi-tenancy enabled by default. This allows your SaaS customers to scope their actions based on an organization they belong with.

What this means is that any feature related to your SaaS should be developed with multi-tenancy in mind.

Data Model

There are 3 data models relevant to multi-tenancy

Novel implements a similar data model to the article written by Andrew Culver. A big difference is that subscriptions are by default, tied to an organization instead of the membership.

Signup

Novel will create an organization and an acount during sign up. This will also create a stripe customer and create a subscription for it against the organization created.

When the user logs in the next time, the organization will be attached to the session.

Sessions

Sessions in Novel include both the currently logged in user and the organization it is currently using. They are accessible using the request.org and request.account property of the current request.

Switch Organizations

Subscriptions

When the user is created, an organization is created and a stripe customer is created along with it.

This is important so that there is representation of the organization in stripe.

Any changes to the subscription is attached to the organization only. This can only be done by users with the correct permission.

import * as upgrade from 'app/features/lifecycle/upgrade';

export default async function Route (instance) {
	instance.authenticated();
	instance.post('/api/v1/subscription/upgrade', handler);

	async function handler (request, reply) {
		await request.throttle();
		await request.can('write', request.org.id);
		const orgId = request.org.id;

		/**
		 * See the implementation of the strategy in /app/features/lifecycle/upgrade.ts
		 *
		 * These may have additional requirements during creation like upfront payment
		 * and storing data. You may pass these to your upgrade lifecycle.
		 */

		const { plan, intent, method, interval } = request.body;
		await upgrade.start(request.session.id, { customer: orgId, plan, intent, method, interval });

		reply.status(204);
	}
}

Actions

It is important to always check the association of the current user against its membership of the target organization it is trying to perform an action on.

This is available with the Organizations Model.

import * as Organization from 'novel/organization';

export default async function Route (instance) {
	instance.authenticated();
	instance.cached();
	instance.get('/api/v1/organizations', handler);

	async function handler (request) {
		await request.throttle();
		await request.can('read', request.org.id);
		await Organization.isMember(request.org.id, request.account.id);
		const organizations = await Organization.isMemberOf(request.account.id);
		return { organizations };
	}
}

Activities

An organization may have activities recorded against actions made to it.

This is stored in the organization_events model. It is also available under the novel/activity module.

import * as activity from 'novel/activity';

await activity.org('SOMETHING_NEW', 'Something happened');

This will get the organization ID through the request context.

Single-Tenancy

It is possible to do this however by removing the organization related endpoints from the /app/api/v1directory.

This will force the user to sign up and interact with only organization.

Changelog

• 2024-12-20 - Initial Documentation