If I use row level security on entity level, rule not working corretly, I think.
level 100, allow Create, Delete, Update for specified role
level 999, deny Create, Delete for role *
But with this setting user which don´t have specied role can add and copy record but don´t update.
My expected behavior is enable create, update and delete for user with specified role and enable only update record for normal user.
This really sholdn’t happen.
Nevertheless this settings is not entirely correct as well - the default action for non-matching events is to deny create, update and delete. So you have to explicitely allow update for normal user.
Anyway, With this settings you shouldn’t be able to do anything with a normal user.
Please can you attach screenshots of related screen-fragments (both rules)?
Did you really try with a normal user?