Hello. I am working on building a multi tenant tool in Directus and trying to figure out how to properly set it up in the data collections and access controls using the system directus_users collection. There would be multiple locations (the tenants) and each location would have their own internal admin for their portal as well as an internal team that could have different roles per team member. The breakdown so far in my mind is:
location can have multiple team members
team member can be a member of one location
location can have many clients
each client is assigned to a single team member
team members can access the files and data for only themself and their clients
location admin can access all data and files for the location
collections like projects, tasks, notes, data from submitted forms, documents, etc will need access granted to team members based on the team member’s internal role (e.g. admin, manager, sales, support, etc.)
main dashboard would show overall stats and KPI for all team members to see but also be filterable to the stats and kpi of the current user (leads, sales, projects, tasks, notes, clients, documents, etc)
tasks, notes, projects, etc. can be assigned to any user (client, team member, location admin, etc) as well as to more than one user client + team member for instance.
That is all I can think of off the top of my head, but would be a big start.