Security Contexts
Security Contexts refer to the permissions that a user has when performing functions in the Broadleaf admin application.
The MultiTenant module provides an implementation that meets the security needs of most Multi-Site implementations and can
be further extended to support unique business requirements.
Like the community edition of Broadleaf, admin users are given roles and permissions which determine the menu options
available and the functions that the user can perform.
In MultiTenant, the system supports granting these roles in a "Security Context". The most common and easiest to grasp
is a "Site Security Context" meaning that a user would have a role but only in the context of a given site.
This can be understood more clearly by looking more closely at the data that drives this logic.
Understanding the Security Context Data Model
In reviewing the Data Model, you will notice the BLC_ADMIN_ADDL_SEC_CNTXT table. This table stores a relationship
between an AdminUser and a SecurityContext.
The SecurityContext contains a collection of Roles and Permissions. It also contains a ContextType and a
ContextKey. The ContextType can be one of SITE, CATALOG, or GLOBAL. The ContextKey represents the value that the
type applies to. For example, if a SecurityContext is of type SITE and has a ContextKey of 1, then any user
associated with it is granted its roles and permissions, but only in the context of site 1.
About Global Admin Users
A Global admin user must have the BLC_ADMIN_USER.SECURITY_CONTEXT column set to GLOBAL. When this is the case,
ROLES and PERMISSIONS that are directly associated to the user are valid for any context. This means that if a
GLOBAL user has the Merchandiser permission then they will have that permission for all sites.
The system design also provides a way to give a GLOBAL admin general access to every site except certain ones. If a
GLOBAL user has Site Permissions (of any kind) for a site, then the GLOBAL permissions are ignored while in the context
of that site. This allows for scenarios such as giving a GLOBAL admin Admin access to all sites except for those for
which you give the user a more limited set of permissions.
In addition to allowing a Global Admin User to access all sites, a special role exists that you can assign to
these users. The role name is ROLE_GLOBAL_ADMIN. A user with this role is able to log in to the global admin panel,
which provides the ability to configure MultiTenant sites (for example to change the domain prefix or resolution method)
and to manage other admin users.
About "Template" Roles
The system defines a special security context type named TEMPLATE. The intent of these roles is to allow your
Site Provisioning code to create the site-specific Security Context when a new site is created. The template
roles mirror the non-multi-tenant roles provided by Broadleaf (e.g. CSR, Merchandiser, Content Editor, etc.) and are
intended as out-of-box roles that you copy for each tenant, so that the tenant can modify its copies for its own
purposes if needed.
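The following is an added worked example, written for this page and not code from Broadleaf or the MultiTenant module. It is a small Python model of the data described in the preceding sections: a SecurityContext with its ContextType and ContextKey, the BLC_ADMIN_ADDL_SEC_CNTXT link from an AdminUser to its contexts, the GLOBAL value of the SECURITY_CONTEXT column together with ROLE_GLOBAL_ADMIN, and the TEMPLATE contexts that provisioning copies into a SITE context. The class and function names, and the role and permission names in the sample data, are assumptions made for the illustration. The resolution rule it implements is the one the page states: site-scoped grants apply only within that site, and if a GLOBAL user has any site grants for a site, the global grants are ignored while working in that site.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class ContextType(Enum):
    # SITE, CATALOG and GLOBAL are the ContextType values named on the page;
    # TEMPLATE is the special type used by site provisioning.
    SITE = "SITE"
    CATALOG = "CATALOG"
    GLOBAL = "GLOBAL"
    TEMPLATE = "TEMPLATE"


@dataclass(frozen=True)
class SecurityContext:
    """Model of one SecurityContext: a type, the key it applies to, and its grants."""
    context_type: ContextType
    context_key: Optional[str]            # e.g. the site id for a SITE context
    roles: frozenset = frozenset()
    permissions: frozenset = frozenset()


@dataclass
class AdminUser:
    """Model of an admin user plus the BLC_ADMIN_ADDL_SEC_CNTXT rows linking it to contexts."""
    login: str
    security_context: Optional[str]       # the BLC_ADMIN_USER.SECURITY_CONTEXT column
    roles: frozenset = frozenset()        # roles associated directly with the user
    permissions: frozenset = frozenset()  # permissions associated directly with the user
    additional_contexts: tuple = ()       # SecurityContext rows linked to this user

    def is_global(self) -> bool:
        return self.security_context == "GLOBAL"


def effective_access(user: AdminUser, site_id: str) -> tuple:
    """Return (roles, permissions) the user holds while working in the context of site_id.

    A SITE context grants its roles and permissions only for that site. If a GLOBAL
    user has any site-scoped grants for this site, the global grants are ignored
    while in that site. CATALOG contexts are not modelled here (assumption).
    """
    site_contexts = [c for c in user.additional_contexts
                     if c.context_type is ContextType.SITE and c.context_key == site_id]
    if site_contexts:
        roles, permissions = set(), set()
        for ctx in site_contexts:
            roles |= ctx.roles
            permissions |= ctx.permissions
        return frozenset(roles), frozenset(permissions)
    if user.is_global():
        return user.roles, user.permissions
    return frozenset(), frozenset()


def can_use_global_admin_panel(user: AdminUser) -> bool:
    """ROLE_GLOBAL_ADMIN lets a global user log in to the global admin panel."""
    return user.is_global() and "ROLE_GLOBAL_ADMIN" in user.roles


def provision_site_context(template: SecurityContext, site_id: str) -> SecurityContext:
    """Copy a TEMPLATE context into a SITE context for a newly created site."""
    if template.context_type is not ContextType.TEMPLATE:
        raise ValueError("only TEMPLATE contexts are copied during site provisioning")
    return SecurityContext(ContextType.SITE, site_id, template.roles, template.permissions)


# Constructed sample data; the role and permission names are illustrative, not Broadleaf's.
MERCHANDISER_TEMPLATE = SecurityContext(
    ContextType.TEMPLATE, None,
    roles=frozenset({"ROLE_MERCHANDISER"}),
    permissions=frozenset({"PERMISSION_ALL_PRODUCT", "PERMISSION_ALL_CATEGORY"}),
)

GLOBAL_ADMIN = AdminUser(
    login="alice", security_context="GLOBAL",
    roles=frozenset({"ROLE_ADMIN", "ROLE_GLOBAL_ADMIN"}),
    permissions=frozenset({"PERMISSION_ALL_PRODUCT", "PERMISSION_ALL_ORDER"}),
    # On site "2" alice is deliberately limited to read-only product access.
    additional_contexts=(
        SecurityContext(ContextType.SITE, "2", permissions=frozenset({"PERMISSION_READ_PRODUCT"})),
    ),
)

SITE_USER = AdminUser(
    login="bob", security_context=None,
    # bob's only grants come from a SITE context provisioned from the template for site "3".
    additional_contexts=(provision_site_context(MERCHANDISER_TEMPLATE, "3"),),
)


if __name__ == "__main__":
    for user in (GLOBAL_ADMIN, SITE_USER):
        for site in ("1", "2", "3"):
            print(user.login, "in site", site, "->", effective_access(user, site))
    print("global panel:", can_use_global_admin_panel(GLOBAL_ADMIN), can_use_global_admin_panel(SITE_USER))
```

Running the block shows alice keeping her global roles and permissions on sites 1 and 3 but holding only the read-only site grant on site 2, while bob has grants on site 3 alone. The check worth carrying into any real implementation is the one in the middle of effective_access: the presence of a site context, not its content, is what switches a GLOBAL user's global grants off for that site.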
Managing Site and Global Users
Typically, you won't be concerned with the details of how the data is stored for your admin users. Your Site Provisioning
process will create the initial admin user for the site, and from there that user (or a global user) will create
additional site admins as needed.