I’ve an issue with row level security rules on HTML5 client. I’m not sure if the logic is same as on Flash, but it behave differently. I’ve a rule for whole entity, which is locking the record for editing based on value on bool field. Then there is second rule on string field, which is allowing to edit that field based on user’s application role. If both rules are evaluated to by applied, which one should be the winner for that string filed? The whole record stays read-only on Flash. The whole record stays read-only except the string field, which is editable on HTML5(latest master).
It mainly depends on their priority number. The behaviour has not been changed recently if I remember well.
What was the version where it worked well for you?
It worked on Flash. I did more testing on HTML5. There are the following rules.
Field rule(FR) is (role based):
Whole entity rule(ER) is (rule based - rule is checking if the record has True-read only/False-editable value in one column):
When ER is evaluated as true and user is role member of FR the field is read-only.
When ER is evaluated as true and user is NOT role member of FR the field is editable - should be definitely read only .
It looks there is something wrong with row level rule evaluation.
It is not clear to me which of the rules should be evaluated first as they have the same priorities? 100 vs 100 and 999 vs 999. So it may easily be that they get evaluated in a different order, maybe because they somehow changed their position when converting from database to file model or anything else.
Just make sure the numbers are different and then the order should be obeyed.