Coding for super-tenant access

A super-tenant user (super tenant, in short) has access to all the data of a multi-tenant database, including all tenant and shared data, according to the data authorization provided by the user's permission settings. Super-tenant access is enabled by configuring the user's security domain with the name of a super tenant. Data authorization settings work the same as for any multi-tenant database user, with permissions for individual tables and fields set based on the user and domain name.

A super tenant has no real tenancy of its own, but always has the effective tenancy of a regular tenant. The initial tenancy of any super-tenant user is the default tenant. So, when initially logged in, a super-tenant user has implicit access to both default tenant and shared database objects. To support super-tenant access to multi-tenant database objects, ABL provides features to allow a super tenant to query and update database objects that belong to one or more of the regular tenants defined in the database. In addition, ABL allows a super tenant to identify the tenant and tenant group (if any) to which any given multi-tenant database record belongs.

These features, taken together, allow a super tenant to perform any run-time action on database objects, regardless of tenancy, and limited only by the data authorization permissions that are defined for a given super-tenant user. For example, if the super-tenant user identity has only can-read permissions on a given multi-tenant table, the super tenant can read instances of the table owned by all tenants, but cannot update any instances of the table.