Yii2 Multi-Tenant Architecture - Choose correct database

Question

I am building an app using Yii2 and I am working with multi-tenant architecture. So... every client has his own database (identical structure).

What I have done so far:

• I declare all the different databases in the config/web.php file
• I have a master database that corresponds each user to his database. So, when someone logs in, the app knows what database should use.

What I have done but I am not sure about:

I created a file components/ActiveRecord.php with the following code:

<?php
namespace app\components;
use Yii;

class ActiveRecord extends \yii\db\ActiveRecord {

    public static function getDb() {
        if (isset($_SESSION['userdb'])) {
            $currentDB = $_SESSION['userdb'];
            return Yii::$app->get($currentDB);
        }
    }

}?>

So... on login I save the database on the session and in the aforementioned file which extends the default ActiveRecord I override the getDb function and I choose my own. Subsequently, I changed all models so they extend my ActiveRecord.

I am not sure that this strategy is correct but it almost works.

Where is the problem:

Everything works fine except from... RBAC! For RBAC I use the yii2-rbac extension. The problem is that the user is not getting his role from his database but from the first declared database in the config/web.php file. So, whatever the logged in user, the first db is used.

Question(s):

1. How can I solve this problem? Do you have any idea on where is the file that gives the role to the logged in user?
2. Bonus Questions: Do you think this strategy is wrong? If so, what would you suggest?

Thanks a lot in advance for your time and your support.

Answer 1

Question # 1: How can I solve this problem? Do you have any idea on where is the file that gives the role to the logged in user?

I would suggest you use yii2 admin extension for this purpose(https://github.com/mdmsoft/yii2-admin) that will solve your issue and it is the best extension to manage user role. use this link for better understanding (https://github.com/mdmsoft/yii2-admin/blob/master/docs/guide/configuration.md)

• Install above by following above URL or just add "mdmsoft/yii2-admin": "~2.0" in your composer.json file and run composer update.

• After successfully installed this extension run migration to create RBAC tables, if you already have then skipped it. yii migrate --migrationPath=@yii/rbac/migrations

• You have to do some configuration in your main.php to tell your application about public routes and for all other application route system will implement RBAC on them.

• This is what you have to add in your main.php file.

  'components' => [], 'as access' => [ 'class' => 'mdm\admin\components\AccessControl', 'allowActions' => [ 'site/login', // add or remove allowed actions to this list 'site/logout', 'site/error', 'site/index', ] ]

• Above settings will tell your application to make the login, logout, error and index function are public under site controller and all other applications routes need to have RBAC assignment to perform the action.

• main.php is exist in backend/config/main.php in my case, you can use according to your requirements may be in common/config/main.php

Question # 2: Bonus Questions: Do you think this strategy is wrong? If so, what would you suggest?

I think your approach is not extendable, I suggest you create a master database and use that for your application tenants with their databases.

• Setup tenant table in master database with tenant name, database required parameters

• Make master database connection in your application, that is used to get all tenant and there store DB connections from the master database.

  'db' => [ 'class' => 'yii\db\Connection', 'dsn' => 'mysql:host=127.0.0.1;dbname=master-db', 'username' => 'root', 'password' => 'root', 'charset' => 'utf8', ]

• Now at login page show tenants list to choose their info OR you can also play with the domain name as well if you are using the unique domain for each tenant. if you are using unique domain then you have to store domain name with tenant info in the master database to able to get tenant info based on the domain.

// Set Session Values on success login page OR read user domain and get tenant info from the master database and add into session.

``
  $tenant = Tenant::findOne(Yii::$app->request->post('tenant_id'));
  Yii::$app->session->set('DB_HOST', $tenant->DB_host);
  Yii::$app->session->set('DB_USER', $tenant->DB_username);
  Yii::$app->session->set('DB_PASS', $tenant->DB_password);
  Yii::$app->session->set('DB_NAME', $tenant->DB_name);
``

• Once you have tenant info you can get the tenant from the master database and add their database settings into SESSION.

• Create a BaseModel.php class and extend it with all of your application models classes.

• In you BaseModel.php add below method to make runtime DB connection based on domain or tenant selection from the login page.

public static function getDb(){ if ( Yii::$app->session->get('DB_HOST') ){ $host = Yii::$app->session->get('DB_HOST'); $dbName = Yii::$app->session->get('DB_NAME'); $dsn = "mysql:host=$host;dbname=$dbName"; Yii::$app->db->dsn = $dsn; Yii::$app->db->username = Yii::$app->session->get('DB_USER'); Yii::$app->db->password = Yii::$app->session->get('DB_PASS'); return Yii::$app->db; } }

• By doing this you will have the option to add multiple tenants from backend to master database and that will automatically available in your application.

I believe that this information is helpful for you.

Cheers!!!

Answer 2

Here is the documentation on dbmanager.

If the you want to get rbac info from a different database, this should work.

Inside your config folder, create a file called rbacdb.php. Add the following:

<?php

return [
'class' => 'yii\db\Connection',
'dsn' => 'mysql:host=<db host or ip>;dbname=<dbname>',
'username' => '<dbuser>',
'password' => '<dbPassword>',
'charset' => 'utf8',
];

Then go to your config file and find the authmanger section. It should look like this:

'authManager' => [
'class' => 'yii\rbac\DbManager',
'db'=> require(__DIR__ . '/rbacdb.php'),
'assignmentTable'=>'<tableName>',
'itemChildTable'=>'<tableName>',
'itemTable'=>'<tableName>',
'ruleTable'=>'<tableName>'
]

EDIT: after rereading your post...each user doesn't need their own rbac table/schema. use the system that Yii has in place.