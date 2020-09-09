Multi Tenancy Plugin for Mongoose

Prelude

There are 3 ways of implementing multi-tenancy in mongoDB:

on document level (cheap and easy to administer but only secured by app logic)

on collection level (not recommended, due to breaking mongoDB concepts)

on database level (very flexible and secure but expensive)

About

The mongo tenant is a highly configurable mongoose plugin solving multi-tenancy problems on document level (for now...). It creates a tenant-reference field and takes care of unique indexes. Also it provides access to tenant-bound model-classes, that prohibit the exploid of the given tenant scope. Last but not least the "MAGIC" can be disabled so that shipping of the same code in single- and multi-tenancy environment (on premis vs. cloud hosted) is a question of a single line of config.

Requirements

Mongo tenant is compatible with mongoose 4 and 5.

Incompatibilities

Mongo Tenant does not work with mongoose 4.8.1-4.8.2 see Automattic/mongoose#4947.

Install

$ npm i -S mongo-tenant // or $ yarn add mongo-tenant

Use

Register the plugin on the relevant mongoose schema.

const mongoose = require ( 'mongoose' ); const mongoTenant = require ( 'mongo-tenant' ); const MySchema = new mongoose.Schema({}); MySchema.plugin(mongoTenant); const MyModel = mongoose.model( 'MyModel' , MySchema);

Retrieve the model in tenant scope with static byTenant method. This will return a new model subclass that has special tenant-scope guards. It has the exactly same interface as any other mongoose model but prevents the access to other tenant scopes.

const MyTenantBoundModel = MyModel.byTenant( 'some-tenant-id' ); ( new MyTenantBoundModel()).getTenantId() === 'some-tenant-id' ; ( new MyTenantBoundModel({ tenantId : 'some-other-tenant-id' })).getTenantId() === 'some-tenant-id' ;

You can check for tenant context of a model class or instance by checking the hasTenantContext property. If this is truthy you may want to retrieve the bound tenant scope with getTenantId() method.

if (SomeModelClassOrInstance.hasTenantContext) { const tenantId = SomeModelClassOrInstance.getTenantId(); ... }

Indexes

The mongo-tenant takes care of the tenant-reference field, so that you will be able to use your existing schema definitions and just plugin the mongo-tenant without changing a single line of schema definition.

But under the hood the mongo-tenant creates an indexed field (tenantId by default) and includes this in all defined unique indexes. So by default, all unique fields (and compound indexes) are unique for a single tenant id.

You may have use-cases where you want to archive global uniqueness. To skip the automatic unique key extension of mongo-tenant for a specific index you can set the preserveUniqueKey config option to true.

const MySchema = new mongoose.Schema({ someField : { unique : true , preserveUniqueKey : true }, anotherField : String , yetAnotherField : String }); MySchema.index({ anotherField : 1 , yetAnotherField : 1 }, { unique : true , preserveUniqueKey : true });

Context bound models and populate

Once a model with tenant context is created it will try to keep the context for other models created via it. Whenever it detects that a subsequent models tenant configuration is compatible to its own, it will return that model bound to the same tenant context.

const AuthorSchema = new mongoose.Schema({}); AuthorSchema.plugin(mongoTenant); const AuthorModel = mongoose.model( 'author' , AuthorSchema); const BookSchema = new mongoose.Schema({ author : { type : mongoose.Schema.Types.ObjectId, ref : 'author' } }); BookSchema.plugin(mongoTenant); const BookModel = mongoose.model( 'book' , BookSchema); const BoundBookModel = BookModel.byTenant( 'some-tenant-id' ); BoundBookModel.model( 'author' ); BoundBookModel.db.model( 'author' );

Configuration

The mongo tenant works out of the box, so all config options are optional. But you have the ability to adjust the behavior and api of the mongo tenant to your needs.

const config = { enabled : false , tenantIdKey : 'customerId' , tenantIdType : Number , tenantIdGetter : 'getCustomerId' , accessorMethod : 'byCustomer' , requireTenantId : true }; SomeSchema.plugin(mongoTenant, config);

Running Tests

Some tests rely on a running mongoDB and by default the tests are performed against 'mongodb://localhost/mongo-tenant-test'. The tests can also be run against a custom mongoDB by passing the custom connection string to MONGO_URI environment variable.

$ npm run hint $ npm run test -and-cover $ MONGO_URI= 'mongodb://user:password@xyz.mlab.com:23315/mongo-tenant-test' npm run test -and-cover

LICENSE

The files in this archive are released under MIT license. You can find a copy of this license in LICENSE.