Background
Currently ApplicationUser has a single OrganisationId FK, so a user can only be a member of one organisation at a time.
Desired behaviour
A user should be able to be a member of one or more organisations and switch between them at runtime (e.g. via a session-level selector).
Required changes
-
Domain / Infrastructure
- Replace
ApplicationUser.OrganisationId with a many-to-many join entity, e.g. OrganisationMember { UserId, OrganisationId, Role }.
- Add EF migration to drop the old FK column and create the join table.
-
TenantContext
- Change from reading the org from the user claim to resolving the active org for the session (cookie / claim added at login or via an org-switch endpoint).
-
Auth / Claims
ApplicationUserClaimsPrincipalFactory must emit the active org claim; multi-org users need a way to select or switch organisations.
-
UI
- Organisation switcher (header dropdown or dedicated page) for users who belong to more than one org.
-
Tests
- Update tenant-isolation tests to cover cross-org access attempts for multi-org users.
Out of scope
- Invitation / provisioning flow for adding a user to an additional org (separate ticket).
Background
Currently
ApplicationUserhas a singleOrganisationIdFK, so a user can only be a member of one organisation at a time.Desired behaviour
A user should be able to be a member of one or more organisations and switch between them at runtime (e.g. via a session-level selector).
Required changes
Domain / Infrastructure
ApplicationUser.OrganisationIdwith a many-to-many join entity, e.g.OrganisationMember { UserId, OrganisationId, Role }.TenantContext
Auth / Claims
ApplicationUserClaimsPrincipalFactorymust emit the active org claim; multi-org users need a way to select or switch organisations.UI
Tests
Out of scope