In a multi-tenant user management system, common business scenarios are as follows:
User registration
The user performs the registration operation by filling in the mobile phone number and other information; this scenario re-verifies the validity of the user's mobile phone number, which is generally verified by SMS verification code;
Tenant registration
The user registers the tenant by filling in the relevant information of the tenant, and the user is the super administrator of the tenant by default. This scenario focuses on collecting relevant information about tenants;
User login
By verifying the user's mobile phone and password, etc., the user's login authentication operation is performed, and the user's associated tenant information is queried. This scenario focuses on the validity and legitimacy of user authentication, and verifies the tenant permissions that users have;
User app permissions
The tenant's application permissions are queried through the tenant selected by the user to operate, and the tenant's permissions are further verified when the user selects an application operation. This scenario focuses on the application display of the user's tenant and the verification that the user has application permissions under the tenant;
Admin authentication login
The background management of the multi-tenant user management system is a different login entry, which is only for administrator login operations. What needs to be determined in this scenario is that the logged-in user must be a tenant administrator, and the logged-in identity is correct and reliable;
Admin invites users
After the administrator logs in to the background, he can invite users to join the tenant in batches through mobile phone numbers. In this scenario, the organizational structure of the invited user needs to be determined. If it is not set, the default is the root organization; secondly, statistics are required to view the details of the invited user to join;
Administrators add application permissions
The administrator adds app permissions that can be used under the tenant. In this scenario, it is necessary to specify the applications that need to be added and the scope of user permissions of the applications (generally, the user permissions of tenants are divided into three categories: 1. All tenants, 2. According to the organizational structure, 3. Designated users under the tenant);
Administrators add secondary administrators
The super administrator adds a second level administrator. In this scenario, it is necessary to first determine whether the operator is a super administrator, secondly, whether the set second-level administrator is a valid tenant member, and finally set the second-level administrator's application permissions and data scope permissions;