feat: implement end-to-end dynamic keyPrefix for complete tenant data isolation

The keyPrefix attribute in @IndexingOptions now controls both the index
configuration AND the actual key storage location for documents. This
provides complete multi-tenant data isolation where each tenant's data
is stored with different key prefixes.

Changes:
- Add resolveDynamicKeyspace() to RedisJSONKeyValueAdapter for @document entities
- Add resolveDynamicKeyspace() to RedisEnhancedKeyValueAdapter for @RedisHash entities
- Update put(), get(), delete() methods to use dynamic keyspace resolution
- Update Product entity to use dynamic keyPrefix with SpEL expressions
- Add comprehensive testTenantSearchIsolation() test for end-to-end verification
- Update multi-tenant documentation to reflect complete isolation support

Example usage:
@IndexingOptions(
    indexName = "products_#{@tenantService.getCurrentTenant()}_idx",
    keyPrefix = "#{@tenantService.getCurrentTenant()}:products:"
)

For tenant "acme":
- Index: products_acme_idx
- Keys stored as: acme:products:<id>

Author: bsbodden

demos/roms-multitenant/src/main/java/com/redis/om/multitenant/domain/Product.java

@@ -14,21 +14,22 @@
 import lombok.NoArgsConstructor;
 
 /**
- * Product entity with dynamic tenant-aware indexing.
+ * Product entity with dynamic tenant-aware indexing and storage isolation.
  *
- * <p>The index name is resolved at runtime using SpEL expressions
+ * <p>Both the index name and key prefix are resolved at runtime using SpEL expressions
  * that reference the TenantService bean to get the current tenant context.
- * This allows creating separate indexes per tenant dynamically.
- *
- * <p>Note: The keyPrefix is intentionally left blank to use the default
- * keyspace from Spring Data Redis. All tenants share the same data storage
- * but can have different search indexes. For true data isolation, implement
- * a custom repository or use tenant-aware key generation.
+ * This provides complete tenant isolation for both search indexes and data storage.
  *
  * <p>Example for tenant "acme":
  * <ul>
  * <li>Index name: products_acme_idx
- * <li>Storage keyspace: com.redis.om.multitenant.domain.Product:
+ * <li>Storage keyspace: acme:products:
+ * </ul>
+ *
+ * <p>Example for tenant "globex":
+ * <ul>
+ * <li>Index name: products_globex_idx
+ * <li>Storage keyspace: globex:products:
  * </ul>
  */
 @Data
@@ -37,7 +38,8 @@
 @Builder
 @Document
 @IndexingOptions(
-    indexName = "products_#{@tenantService.getCurrentTenant()}_idx", creationMode = IndexCreationMode.SKIP_IF_EXIST
+    indexName = "products_#{@tenantService.getCurrentTenant()}_idx",
+    keyPrefix = "#{@tenantService.getCurrentTenant()}:products:", creationMode = IndexCreationMode.SKIP_IF_EXIST
 )
 public class Product {
 

demos/roms-multitenant/src/test/java/com/redis/om/multitenant/RomsMultitenantApplicationTests.java

@@ -4,9 +4,12 @@
 
 import java.util.List;
 
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.test.context.DynamicPropertyRegistry;
 import org.springframework.test.context.DynamicPropertySource;
 import org.testcontainers.junit.jupiter.Container;
@@ -41,6 +44,21 @@ static void redisProperties(DynamicPropertyRegistry registry) {
   @Autowired
   private ProductRepository productRepository;
 
+  @Autowired
+  private StringRedisTemplate redisTemplate;
+
+  @BeforeEach
+  void setUp() {
+    // Reset to default tenant before each test
+    tenantService.setCurrentTenant("default");
+  }
+
+  @AfterEach
+  void tearDown() {
+    // Clean up tenant context after each test
+    tenantService.clearTenant();
+  }
+
   @Test
   void contextLoads() {
     assertThat(tenantService).isNotNull();
@@ -69,42 +87,121 @@ void testMultiTenantIndexCreation() {
   }
 
   @Test
-  void testTenantSpecificIndexCreation() {
+  void testTenantSpecificIndexAndKeyspaceCreation() {
     // This test verifies that:
     // 1. Different indexes can be created for different tenants
     // 2. The index names are dynamically resolved based on tenant context
-    //
-    // Note: Full search isolation requires storing documents with tenant-prefixed keys,
-    // which requires custom repository implementations or interceptors beyond
-    // the scope of basic @IndexingOptions support.
+    // 3. The keyspace is also dynamically resolved for tenant isolation
 
     // Create index for tenant A
     tenantService.setCurrentTenant("test_tenant_a");
     indexer.createIndexFor(Product.class);
     String indexNameA = indexer.getIndexName(Product.class);
+    String keyspaceA = indexer.getKeyspaceForEntityClass(Product.class);
 
     // Create index for tenant B
     tenantService.setCurrentTenant("test_tenant_b");
     indexer.createIndexFor(Product.class);
     String indexNameB = indexer.getIndexName(Product.class);
+    String keyspaceB = indexer.getKeyspaceForEntityClass(Product.class);
 
     // Verify that different tenants get different index names
     assertThat(indexNameA).isEqualTo("products_test_tenant_a_idx");
     assertThat(indexNameB).isEqualTo("products_test_tenant_b_idx");
     assertThat(indexNameA).isNotEqualTo(indexNameB);
 
-    // Verify the index name changes dynamically based on current tenant
+    // Verify that different tenants get different keyspaces
+    assertThat(keyspaceA).isEqualTo("test_tenant_a:products:");
+    assertThat(keyspaceB).isEqualTo("test_tenant_b:products:");
+    assertThat(keyspaceA).isNotEqualTo(keyspaceB);
+
+    // Verify the index name and keyspace change dynamically based on current tenant
     tenantService.setCurrentTenant("test_tenant_a");
     assertThat(indexer.getIndexName(Product.class)).isEqualTo("products_test_tenant_a_idx");
+    assertThat(indexer.getKeyspaceForEntityClass(Product.class)).isEqualTo("test_tenant_a:products:");
 
     tenantService.setCurrentTenant("test_tenant_b");
     assertThat(indexer.getIndexName(Product.class)).isEqualTo("products_test_tenant_b_idx");
+    assertThat(indexer.getKeyspaceForEntityClass(Product.class)).isEqualTo("test_tenant_b:products:");
+  }
+
+  @Test
+  void testTenantSearchIsolation() {
+    // This test verifies complete tenant isolation:
+    // - Data saved by tenant A is only visible to tenant A
+    // - Data saved by tenant B is only visible to tenant B
+    // - Documents are stored with tenant-prefixed keys
+
+    // Setup: Create indexes for both tenants
+    tenantService.setCurrentTenant("acme");
+    indexer.createIndexFor(Product.class);
+
+    tenantService.setCurrentTenant("globex");
+    indexer.createIndexFor(Product.class);
+
+    // Save product as tenant "acme"
+    tenantService.setCurrentTenant("acme");
+    Product acmeProduct = Product.builder()
+        .name("Acme Widget")
+        .category("Widgets")
+        .price(29.99)
+        .active(true)
+        .build();
+    acmeProduct = productRepository.save(acmeProduct);
+    String acmeProductId = acmeProduct.getId();
+
+    // Verify the key is stored with tenant prefix
+    Boolean acmeKeyExists = redisTemplate.hasKey("acme:products:" + acmeProductId);
+    assertThat(acmeKeyExists).isTrue();
+
+    // Save product as tenant "globex"
+    tenantService.setCurrentTenant("globex");
+    Product globexProduct = Product.builder()
+        .name("Globex Gadget")
+        .category("Gadgets")
+        .price(49.99)
+        .active(true)
+        .build();
+    globexProduct = productRepository.save(globexProduct);
+    String globexProductId = globexProduct.getId();
+
+    // Verify the key is stored with tenant prefix
+    Boolean globexKeyExists = redisTemplate.hasKey("globex:products:" + globexProductId);
+    assertThat(globexKeyExists).isTrue();
+
+    // Verify search isolation: tenant "acme" should only see their products
+    tenantService.setCurrentTenant("acme");
+    List<Product> acmeProducts = productRepository.findByCategory("Widgets");
+    assertThat(acmeProducts).hasSize(1);
+    assertThat(acmeProducts.get(0).getName()).isEqualTo("Acme Widget");
+
+    // Acme should NOT see Globex's products
+    List<Product> acmeGadgets = productRepository.findByCategory("Gadgets");
+    assertThat(acmeGadgets).isEmpty();
+
+    // Verify search isolation: tenant "globex" should only see their products
+    tenantService.setCurrentTenant("globex");
+    List<Product> globexProducts = productRepository.findByCategory("Gadgets");
+    assertThat(globexProducts).hasSize(1);
+    assertThat(globexProducts.get(0).getName()).isEqualTo("Globex Gadget");
+
+    // Globex should NOT see Acme's products
+    List<Product> globexWidgets = productRepository.findByCategory("Widgets");
+    assertThat(globexWidgets).isEmpty();
+
+    // Cleanup
+    tenantService.setCurrentTenant("acme");
+    productRepository.delete(acmeProduct);
+
+    tenantService.setCurrentTenant("globex");
+    productRepository.delete(globexProduct);
   }
 
   @Test
   void testProductSaveAndSearchWithDefaultTenant() {
     // Use default tenant (set at application startup)
     tenantService.setCurrentTenant("default");
+    indexer.createIndexFor(Product.class);
 
     // Save a product
     Product product = Product.builder()
@@ -116,6 +213,10 @@ void testProductSaveAndSearchWithDefaultTenant() {
     product = productRepository.save(product);
     assertThat(product.getId()).isNotNull();
 
+    // Verify the key is stored with tenant prefix
+    Boolean keyExists = redisTemplate.hasKey("default:products:" + product.getId());
+    assertThat(keyExists).isTrue();
+
     // Search should find the product when using the same tenant context
     List<Product> found = productRepository.findByCategory("TestCategory");
     assertThat(found).hasSize(1);

docs/content/modules/ROOT/pages/multi-tenant-support.adoc

@@ -67,7 +67,7 @@ public class TenantController {
 
 === SpEL-Based Index Names
 
-Use Spring Expression Language for dynamic index naming. Here's a working example from the `roms-multitenant` demo:
+Use Spring Expression Language for dynamic index naming and keyspace (key prefix) resolution. Here's a working example from the `roms-multitenant` demo:
 
 [source,java]
 ----
@@ -79,6 +79,7 @@ Use Spring Expression Language for dynamic index naming. Here's a working exampl
 @Document
 @IndexingOptions(
     indexName = "products_#{@tenantService.getCurrentTenant()}_idx",
+    keyPrefix = "#{@tenantService.getCurrentTenant()}:products:",
     creationMode = IndexCreationMode.SKIP_IF_EXIST
 )
 public class Product {
@@ -148,22 +149,18 @@ public class TenantService {
 }
 ----
 
-This pattern creates tenant-specific indexes dynamically:
+This pattern provides complete tenant isolation with both separate indexes and separate data storage:
 
-* For tenant "acme": Index `products_acme_idx`
-* For tenant "globex": Index `products_globex_idx`
+* For tenant "acme":
+** Index: `products_acme_idx`
+** Keys stored as: `acme:products:<id>`
+* For tenant "globex":
+** Index: `products_globex_idx`
+** Keys stored as: `globex:products:<id>`
 
-[IMPORTANT]
+[NOTE]
 ====
-The `indexName` attribute supports SpEL expressions that are evaluated dynamically at runtime. However, the `keyPrefix` attribute affects only the index configuration (what key prefix the index searches), not the actual key storage by Spring Data Redis.
-
-All documents are stored using Spring Data Redis's static keyspace (typically the fully qualified class name). For true data isolation where each tenant's data is stored with different keys, you would need to implement a custom `KeyspaceResolver` or use a tenant-aware ID strategy.
-
-The dynamic index naming feature is primarily useful for:
-
-* Creating separate search indexes per tenant (all searching the same keyspace)
-* Environment-specific indexes (dev, staging, production)
-* Region-specific or data-center-specific indexes
+Both `indexName` and `keyPrefix` attributes support SpEL expressions that are evaluated dynamically at runtime. The `keyPrefix` attribute controls both the index configuration (what key prefix the index searches) AND the actual key storage location for documents. This provides complete tenant data isolation.
 ====
 
 === Environment-Based Tenant Configuration

redis-om-spring/src/main/java/com/redis/om/spring/RedisEnhancedKeyValueAdapter.java

@@ -175,17 +175,22 @@ private static String sanitizeKeyspace(String keyspace) {
   @Override
   public Object put(Object id, Object item, String keyspace) {
     RedisData rdo;
+    // Resolve dynamic keyspace from @IndexingOptions if present
+    String resolvedKeyspace = resolveDynamicKeyspace(item.getClass(), keyspace);
+
     if (item instanceof RedisData redisData) {
       rdo = redisData;
     } else {
       String idAsString = validateKeyForWriting(id, item);
-      byte[] redisKey = createKey(sanitizeKeyspace(keyspace), idAsString);
+      byte[] redisKey = createKey(sanitizeKeyspace(resolvedKeyspace), idAsString);
       auditor.processEntity(redisKey, item);
       embedder.processEntity(item);
 
       rdo = new RedisData();
       converter.write(item, rdo);
       rdo.setId(idAsString);
+      // Override the keyspace in RedisData with the resolved dynamic keyspace
+      rdo.setKeyspace(sanitizeKeyspace(resolvedKeyspace));
     }
 
     redisOperations.executePipelined((RedisCallback<Object>) connection -> {
@@ -216,7 +221,9 @@ public Object put(Object id, Object item, String keyspace) {
   public <T> T get(Object id, String keyspace, Class<T> type) {
 
     String stringId = asStringValue(id);
-    String stringKeyspace = sanitizeKeyspace(keyspace);
+    // Resolve dynamic keyspace from @IndexingOptions if present
+    String resolvedKeyspace = resolveDynamicKeyspace(type, keyspace);
+    String stringKeyspace = sanitizeKeyspace(resolvedKeyspace);
 
     byte[] binId = createKey(stringKeyspace, stringId);
 
@@ -364,7 +371,9 @@ public <T> List<T> getAllOf(String keyspace, Class<T> type, long offset, int row
   @Override
   public <T> T delete(Object id, String keyspace, Class<T> type) {
     String stringId = asStringValue(id);
-    String stringKeyspace = sanitizeKeyspace(keyspace);
+    // Resolve dynamic keyspace from @IndexingOptions if present
+    String resolvedKeyspace = resolveDynamicKeyspace(type, keyspace);
+    String stringKeyspace = sanitizeKeyspace(resolvedKeyspace);
 
     T o = get(stringId, stringKeyspace, type);
 
@@ -418,6 +427,8 @@ private long extractNumDocs(Map<String, Object> info) {
    */
   @Override
   public boolean contains(Object id, String keyspace) {
+    // Note: contains() doesn't have type parameter, so we can't resolve dynamic keyspace here
+    // The caller should ensure the correct keyspace is passed
     Boolean exists = redisOperations.execute((RedisCallback<Boolean>) connection -> connection.keyCommands().exists(
         toBytes(getKey(keyspace, asStringValue(id)))));
 
@@ -652,6 +663,27 @@ public byte[] createKey(String keyspace, String id) {
     return toBytes(keyspace.endsWith(":") ? keyspace + id : keyspace + ":" + id);
   }
 
+  /**
+   * Resolves the dynamic keyspace from @IndexingOptions if present.
+   * If the entity class has @IndexingOptions with a SpEL keyPrefix expression,
+   * the expression is evaluated at runtime to determine the actual keyspace.
+   *
+   * @param entityClass     the entity class to check for @IndexingOptions
+   * @param defaultKeyspace the default keyspace to use if no dynamic keyspace is configured
+   * @return the resolved keyspace (either dynamic or default)
+   */
+  private String resolveDynamicKeyspace(Class<?> entityClass, String defaultKeyspace) {
+    if (entityClass == null) {
+      return defaultKeyspace;
+    }
+    // Use RediSearchIndexer to resolve dynamic keyspace from @IndexingOptions
+    String dynamicKeyspace = indexer.getKeyspaceForEntityClass(entityClass);
+    if (dynamicKeyspace != null && !dynamicKeyspace.isBlank()) {
+      return dynamicKeyspace;
+    }
+    return defaultKeyspace;
+  }
+
   /**
    * Container holding update information like fields to remove from the Redis
    * Hash.