Ask A Question

Notifications

You’re not receiving notifications from this thread.

Architecture for subscription with multiple users per account

Luca Rossi asked in Rails

Hi all!

I developed an app that uses Apartment for multitenancy, Devise for authentication and Pundit for auth. Each tenant is represented by a business (business model), where the id is also the tenant id. Businesses can have multiple users depending on the purchased plan yet to be implemented.

Each business will have an "owner" user, who will also be the first user created along with tenant (along with a few other tables in the tenant's schema. Business and User models are excluded from tenancy in Apartment.

I was hoping I could get some help/direction with the following:

  • Being the business table also the tenants table, would you hold the account information straight into this table or create an additional account table?

  • Since each business (account) can have multiple users, I am trying to figure out a solution to allow only the owner to manage the subscription and also to handle login attempts to expired account (i.e. fail any attempt from non owner users or redirect to subscription for renewal if the owner attempts to login)

Right now I am using Devise's active_for_authentication? in user.rb to check if the account is expired. If the logged user is also the owner, i then throw an exception that is handled in the application controller with a redirect to the subscription page. The problem is that the redirect then re-triggers the active_for_authentication? check causing a loop. Been trying different options such as checking if the current controller is subscriptions and stopping the active_for_authentication? but at this point I am not sure anymore whether I am going down the right path.

What do you guys think? Any ideas?

Thanks a lot in advance, I hope all the above makes sense :)

Luca

Reply

Ok, I solved the login redirection issue by using active_for_authentication? in user.rb to return true and allow the login only if the user is the owner in the case the account is expired.

  # Check if account is active or throw error
  def active_for_authentication?
    super && self.is_active
  end

  def inactive_message
    "Sorry, this account has been deactivated. Contact your employer for more information."
  end

  def is_active
    if self.business.expires > Date.today || self.role == 'owner'
      return true
    end
  end

I then redirect to the subscritpion page using before_action in the application controller where I check again if the subscription is expired.


        before_action :verify_subscription, :if => :user_signed_in?

    def verify_subscription
      if current_user.business.expires < Date.today
        redirect_to :subscription unless['SubscriptionController', 'SessionsController'].include?(self.class.to_s)
      end
    end
Reply
Join the discussion
Create an account Log in

Want to stay up-to-date with Ruby on Rails?

Join 86,651+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.