DEV Community

Mkparu Chisom
Mkparu Chisom

Posted on

Designing an ORM-Agnostic Multi-Tenant RBAC System in TypeScript

Why Most RBAC Systems Fail in SaaS

If you're building a SaaS platform, authorization is not just about roles.

It's about:

  • Tenant isolation
  • Schema flexibility
  • ORM independence
  • Safe migrations
  • Production-grade diagnostics

Most RBAC libraries:

  • Assume single-tenant systems
  • Hard-couple to one ORM
  • Break when integrating into existing schemas
  • Don’t scale operationally

So I built something different.


Introducing multi-tenant-rbac v2.x

A production-focused, adapter-first, multi-tenant RBAC layer for Node.js and TypeScript.

Core Principles

  1. Tenant isolation first.
  2. ORM-agnostic core logic.
  3. Schema remapping for enterprise integration.
  4. CLI-based scaffolding.
  5. Migration-safe production workflows.

What Changed in v2.x

Adapter-First Architecture

Core RBAC logic no longer depends directly on Sequelize or Mongoose.

Adapters are injected.

Configurable Schema Mapping

You can override:

  • models
  • foreign keys

This allows integration into existing enterprise databases without breaking conventions.

Safer Sync Behavior

syncOptions now defaults to:

  • alter: true
  • force: false

Production safety > convenience.

Idempotent Generated Migrations

Generated migrations:

  • create tables only if missing
  • add missing columns
  • never drop/recreate by default

Why This Matters for Enterprise Teams

Enterprise SaaS teams care about:

  • Stability
  • Predictable migrations
  • Controlled schema evolution
  • Clear diagnostics

multi-tenant-rbac v2.x was designed with that in mind.


Scope Clarification

This package provides:

  • Multi-tenant RBAC domain operations
  • Adapter contracts + default implementations
  • CLI scaffolding and validation tools

It does NOT replace:

  • Full application modeling
  • Policy engines
  • Deployment orchestration

Looking for Feedback

If you're building a SaaS platform and care about clean authorization architecture, I’d love architectural feedback.

GitHub: https://github.com/donchi4all/multi-tenant-rbac
npm: https://www.npmjs.com/package/multi-tenant-rbac

Top comments (0)