Skip to content

[Core]: Company Switcher #138

Description

@nielsdrost7

Users managing multiple companies need to switch contexts quickly, similar to Slack/Discord workspace switching.


Specific

As a user, I want to switch between companies without logging out.

  • Show company name top right corner.
  • Click on Company name.
  • Maybe show modal with all companies user belongs to
  • Maybe edit button next to each company
  • Clicking on Company switches to that company

Also:

  • company slug shows in address bar
  • Typing in other slug switches to that company if the user belongs to it

AAA Scenarios

Scenario 1 — Basic UI Switch (top-right button)

Arrange

  • User is authenticated and belongs to companies A and B.
  • Current company context = A.
  • User has at least one resource visible (e.g., invoices) scoped to company A.

Act

  • User clicks the company name in the top-right corner and selects company B.

Assert

  • The UI reflects company B (top-right label updates).
  • All visible data updates to company B’s scoped data.
  • No data from company A is visible after switch.
  • User remains authenticated and session persists.

Scenario 2 — Modal Company Picker (many companies)

Arrange

  • User belongs to 10 companies.
  • Company switcher shows a modal with the list.
  • User has permissions on a subset of companies.

Act

  • User opens the modal, selects a company the user has access to, and confirms.

Assert

  • The modal closes and the UI shows the chosen company.
  • The list respects user permissions (edit buttons shown only where allowed).
  • Data is fully scoped to the selected company.
  • No slow full-page reload is needed unless necessary; context change is seamless.

Scenario 3 — Edit / Quick-actions from Picker

Arrange

  • User has "manage company" permission for company C.
  • Picker shows an edit button next to company C.

Act

  • User clicks the edit button in the picker for company C.

Assert

  • The edit action opens the company settings for company C (modal or page).
  • User can save changes and see them applied to current context if company C is active.
  • Authorization is enforced; edit button not shown where user lacks permission.

Scenario 4 — URL Slug Switch (direct navigation)

Arrange

  • Route format includes company slug: /companies/{slug}/invoices.
  • User is authenticated and belongs to company D.
  • Browser address bar currently shows /companies/company-x/invoices.

Act

  • User types /companies/company-d/invoices into the address bar and navigates.

Assert

  • If user belongs to company D: the app switches context to company D and shows scoped data.
  • The top-right company label updates to company D.
  • No cross-tenant data leaks; user sees only company D data.
  • If user does not belong to company D: the app shows an access error (403) or redirects to an allowed company.

Scenario 5 — Attempted Unauthorized Slug Switch

Arrange

  • User belongs to companies E and F only.
  • The user attempts to access /companies/company-g/... (company G not in their list).

Act

  • User navigates to the URL with company G’s slug.

Assert

  • The system denies access (403 or redirect to a safe default).
  • No company G data is exposed.
  • The user is shown a clear message and a link to accessible companies.

Scenario 6 — Persistence Across Tabs & Reloads

Arrange

  • User switches to company H in tab A.
  • User opens tab B previously at a different company context.

Act

  • User reloads tab B after switching in tab A.

Assert

  • Tab B either respects a global session-level company context (if designed) or indicates the currently active company and offers to sync.
  • No inconsistent data appears; choice of persistence strategy is consistent and documented.

Scenario 7 — Permissions & Feature-Gating After Switch

Arrange

  • User has role changes between companies (e.g., admin in I, viewer in J).
  • Both companies have resources with different accessible features.

Act

  • User switches from company I to company J.

Assert

  • Feature availability updates to reflect new company role (edit buttons hidden where viewer).
  • Actions failing due to permissions return appropriate errors and are not shown where unauthorized.
  • Logs record the switch event for audit.

Scenario 8 — Edge Case: Pending Background Syncs / Long-running Jobs

Arrange

  • User triggers a long-running sync job in company K (background).
  • User attempts to switch to company L during the job.

Act

  • User switches context while background job for company K is still running.

Assert

  • Background job continues and is scoped to company K (no cross-tenant effect).
  • User sees the correct status for company L and is not blocked by K’s job.
  • Operations remain isolated per tenant.

Notes (non-assertions)

  • Ensure server-side authorization is the source-of-truth for all switches (client UI should not be the only guard).
  • Log company switch events (user, from → to, timestamp) for audits.
  • Consider UX for “default company” and initial onboarding choice.
  • Decide and document session vs per-tab persistence strategy and implement consistent behavior.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions