Thank you for responding.
You write: " When resolving events in the user specific stream the security checks would still be performed and if they no longer had access to a given event they would no longer be able to resolve the linkTo. "
My question is, what is the source of the access control of any given event?
I.e: Customer #1 writes events to some stream, and a link is created in the cusomer-1-allevents stream.
A client application connects with credentials only allowed to read the customer-allevents stream
Will this client application be able to resolve the events or do the client also need to be granted permissions on the stream where the event originated?
On a more general note: Are you aware of any writings or blog posts on multi tenant applications with EventStore? Would be nice to hear other peoples experiences and avoid doing their stupid mistakes™ .