Multitenency/Customer Defined Roles
Vista permissions (multi-tenant as well) works with those that serve a multi-tenancy model in the following ways:
- users and usersets are scoped by
org_id
(your customer's ID)
vc.users.create('user_id', 'org_id')
- roles can be scoped by
org_id
vc.roles.upsert('contractor', [{ # contractor can read all issues owned by their org resourceType: 'projects', attribute: 'issues', action: 'read', ownerId: 'orgOwned',}], 'org_id')
#
Customer Defined RolesRoles can be scoped to specific customers by supplying the org_id
when creating/updating (upserting) a Role. That role can only be applied to users and usersets in the same org.
Note - Setting org_id=VistaClient.ALL
, will create a global role available to all customers. Omission of the argument (in the python and js/typescript clients) will do the same.