Suppose you want to set up a multi-tenant Rails application with three user levels:
- Superadmin (can manage owners)
- Owner (can manage users of one tenant account)
- User (is a member of one tenant account)
The safest way to do this is to have two completely separate Rails apps, one just for the Superadmin at superadmin.example.com and the other at admin.example.com. The two apps connect to the same database but have their own model classes and views. This keeps owners far away from the superadmin parts and allows scaling each app independently while minimizing the chance of leaking sensitive information. It often makes sense when the user-facing application is very elaborate and stylish while the admin backend is just a basic CRUD app.
The easiest way is to let everybody log in on the same app and just show different navigation options based on the current_user's privileges. In this scenario you have to make sure the superadmin controllers are well protected and that you do not leak sensitive information.
In both cases the apartment gem can help separate owners and users into their own tenant accounts by domain, subdomain or folder.
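For the single-app scenario, the part that must not go wrong is the authorization check in front of the superadmin controllers and the tenant boundary between owners. The following is an added example, not code from the original post: a plain-Ruby, deny-by-default policy object that encodes the three roles above and the tenant boundary, plus two guards shaped like Rails `before_action` callbacks. The `User` struct, the `TenantPolicy` module and the guard names are assumptions for illustration.

```ruby
# Constructed stand-in for a User model: role is :superadmin, :owner or :user,
# tenant_id is nil for the superadmin (who belongs to no tenant account).
User = Struct.new(:id, :role, :tenant_id, keyword_init: true)

class Forbidden < StandardError; end

module TenantPolicy
  ROLES = %i[superadmin owner user].freeze

  # Deny by default: only the explicitly listed combinations return true.
  def self.can_manage?(actor, target)
    [actor, target].each do |u|
      raise ArgumentError, "unknown role #{u.role.inspect}" unless ROLES.include?(u.role)
    end
    case actor.role
    when :superadmin
      # Superadmin manages owners; users inside a tenant are the owner's job.
      target.role == :owner
    when :owner
      # An owner manages users of their own tenant only: never other owners,
      # never users of another tenant, even if the target id is guessable.
      target.role == :user && same_tenant?(actor, target)
    else
      false
    end
  end

  def self.same_tenant?(a, b)
    !a.tenant_id.nil? && a.tenant_id == b.tenant_id
  end
  private_class_method :same_tenant?
end

# Guard for superadmin-only controllers (the before_action every such
# controller would declare). Raises so the caller decides how to respond.
def require_superadmin!(current_user)
  return true if current_user.role == :superadmin
  raise Forbidden, "#{current_user.role} #{current_user.id} is not a superadmin"
end

# Guard for "manage this account" actions: checks role AND tenant boundary.
def authorize_manage!(current_user, target)
  return true if TenantPolicy.can_manage?(current_user, target)
  raise Forbidden, "#{current_user.role} #{current_user.id} may not manage " \
                   "#{target.role} #{target.id}"
end
```

The tenant check is deliberately part of the policy rather than left to a query scope, so an owner who reaches a controller action with another tenant's user id is refused before any record is touched.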