Hi Nikhil I guess this ultimately relates to the question how a practice knows about its patients and the related access path.
With tenancy the answer is: the patients are the ones with access rights for the practice. Maybe you could use a practice attribute 'practicePatients'. Then the answer is: the patients are the ones that use the services of the practice. (Many to many). Patrick Am 30.11.2017 12:58 nachm. schrieb "Nikhil Dhamapurkar" <nikhil.dhamapurkar@ healthengine.com.au>: Hi, I am working on supporting Multi Tenancy in Apache ISIS I have tried both 1) ApplicationTenancyEvaluator and 2) HasAtPath interfaces to control what the logged in user can see or execute. I have been able to make them work to an acceptable state but I face issue when I come across collections that are part of the entity I am evaluating. My Domain model has Patient / Practitioner entity both these entity can be associated with Different Practices at the same time. Example : PractitionerA belongs to PracticeA and PracticeB both, logged in User has “Role” to Access PracticeA. Issue with ApplicationTenancyEvaluator : since Practitioner and Practice have many to many relation even if the role has access to only one practice I’ll end up displaying PracticeB on wicket viewer which I want to prevent, Is it possible ? Issue with HasAtPath : I am creating Path programmatically with pattern as : ORG/org/PRACTICE/<practiceName>/ pattern which models a tree, then I can control user access to more than one Patient data if user at path is /ORG/org Or restrict access to one practice /ORG/org/PRACTICE/practiceA If the Patient Entity is associated with more than one practice My logic will Break as I would not know what should be the context for the for ORG/org/PRACTICE/<WhatShouldBeHere?> Does anyone have a better solution to tackle tenancy for a Collection within an entity? Regards Nikhil
