LinkKey access rule for all tables?

I’m trying to set the access rules for all tables to only allow if UUID matches LinkKey, but it produces a Invalid columns error (except in the single table one):

I’ve tried 'UUID' in rec and user.LinkKey.UUID == rec.UUID or rec.get('UUID'), but the later even says unsupported syntax.
Is the only way to add the rule to all tables?

Interesting issue. Two parts to it.

For default rules (that apply to all tables), it may be best to continue not supporting record-based conditions. Otherwise when someone adds a new table, you can end up with invalid rules (if that table doesn’t have a UUID column), and invalid rules are a situation we want to avoid.

But for the “default rules to add when adding table rules”, this error should probably be considered a bug. It would make sense to show the error if you added table rules for a table that doesn’t have a UUID column, but it’s not an error until then, and it should work fine for tables that do have such a column. I am reporting it to the engineering team to look into.

1 Like

Work started on a fix:

1 Like

Thanks guys for jumping so quickly to implement a solution! :heart:
Somehow did not see a notification, but here’s what I think:

The seed rule change is welcomed but not really a solution in my case. (which I now also have a new use-case for, which brought me back here)

I would want to be able to add default rules for all tables, e.g.:

  • table.has('UUID') and rec.UUID == user.LinkKey.UUID
    (or simpler: rec.getIfExists('UUID') == user.LinkKey.UUID :thinking:
  • table.has('created_by') and newRec.created_by != rec.created_by => deny

These kind of rules I currently cannot add, as far as I know - I would need to add them manually to every table - which can become quite messy. :confused: