# Multi-Tenancy Rules

## The Rule

Every query accessing user data MUST scope to `co_host_id`. Never rely on the frontend to filter — always enforce server-side.

## How to Scope

```php
// Get the correct scoping ID — always use this helper
$coHostId = $user->coHostUser()->id;

// Apply it to every query touching user data
Property::where('co_host_id', $coHostId)->get();
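// Further conditions follow the tenant scope ($reservationId is an illustrative value)
Reservation::where('co_host_id', $coHostId)->where('id', $reservationId)->first();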
```

## coHostUser() Helper

- Lives on the `User` model.
- Returns the correct owning user for scoping — handles both owners and sub-users transparently.
- Always call this instead of using `$user->id` directly for query scoping.

## Critical Warning

`rentals_subuser_id` (Rentals United's external ID) is NOT the same as `co_host_id` (internal scoping ID). Never use one in place of the other.

## New Feature Checklist

- [ ] New table has `co_host_id` column
- [ ] All index/show/edit/destroy actions scope by `co_host_id`
- [ ] Test written to verify cross-tenant data isolation (user A cannot see user B's data)
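
A feature test for the last checklist item could look like the following. It is an added example, not code from this project, and it covers the index and show actions for `Property`. Assumptions: `User` and `Property` factories exist, factory-created users are owners (so `coHostUser()` returns the user itself), and the routes `GET /properties` and `GET /properties/{id}` return JSON.

```php
<?php
// Added example, not project code. Assumed: User and Property factories,
// JSON routes GET /properties and GET /properties/{id}.

namespace Tests\Feature;

use App\Models\Property;
use App\Models\User;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;

class PropertyTenantIsolationTest extends TestCase
{
    use RefreshDatabase;

    private function propertyFor(User $user): Property
    {
        // Scope through coHostUser(), never $user->id
        return Property::factory()->create([
            'co_host_id' => $user->coHostUser()->id,
        ]);
    }

    public function test_index_lists_only_own_tenant_rows(): void
    {
        $userA = User::factory()->create();
        $userB = User::factory()->create();
        $own = $this->propertyFor($userA);
        $foreign = $this->propertyFor($userB);

        $this->actingAs($userA)->getJson('/properties')
            ->assertOk()
            ->assertJsonFragment(['id' => $own->id])
            ->assertJsonMissing(['id' => $foreign->id]);
    }

    public function test_show_rejects_other_tenants_row(): void
    {
        $userA = User::factory()->create();
        $userB = User::factory()->create();
        $foreign = $this->propertyFor($userB);

        // Assumed: the scoped lookup fails with 404 rather than 403
        $this->actingAs($userA)->getJson("/properties/{$foreign->id}")
            ->assertNotFound();
    }
}
```

The same pattern extends to the edit and destroy actions: act as user A, target user B's row, and assert that the row is neither returned nor changed.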
