Multi tenant appication doubts


I’m developing a multitenant application with Yii, and I have some doubts to know what’s the best solution to my doubts and problems.

To ensure that the application is secure and a tenant cannot access to the data of other tenants, we are developing the solution described in this article

I will explain briefly the solution, all the registers of all the tenants are in the same table and are identified by a tenant identifier, so to avoid tenants can access to all the registers of that table due to a bug or a security attack, the access to the data is throug an SQL VIEW. This view only shows the records which tenant identifier is the same than the database username that is used to connect to the DB (CREATE VIEW v_product AS select * from tbl_product where user()= tenant identifier). So I have to know what tenant is and connect to the database with its identifier.

For that I write a new class CCustomClientActiveRecord which extends CActiveRecord and overwrites the getDbConnection() method, and all the models will extend from this new class. So my doubt is the same.

1- I’m new in php and yii and I don’t know where to put the CCustomClientActiveRecord to be found by the application, I put with the Yii framework files and inside the extensions folder and adding the path to the include section of the Yii configuration file, but the application doesn’t find this class. Can anyone help me in this? I come from Java and I’m lost without packages and imports :).

2- Overwrite the getDbConnection is the best solution to implement the solution of the article? Is there any other solution you think is better?

3- The way to identify the tenant identifier is by the domain and subdomain of the URL, this information will be in the DataBase but I would like to make a cache class that stores the last domains and subdomains requests and its tenant identifier. It should be stored in memory and common for all the request of the web server. What’s the best way to do it in php or Yii (I’m new)? Is there something similar developed in Yii?

Thanks in advance.



also, Kike is a very bad word, you might want to consider a new username

Couple thoughts.

I posted something very similar as I am working on a SaaS project that has the intermingled multi-tenant data.

Some approaches I found so far:

  1. See my 1st post

  2. The author of the Yii book uses filters to accomplish the same thing

  3. Session data as mentioned in the article you linked.