Row security

Row security restricts which entity instances a user may access.

Enforcing Policies

Implement a component that evaluates whether the current principal is allowed to read or modify a given entity. Inject it into generated services or controllers.

Read Checks

Before returning data, call the policy to ensure the user has access. Unauthorized rows can be filtered out or trigger an error.

Write Checks

Validate permissions prior to updates or deletes to prevent unauthorized changes.

Tips

• Combine with field security for comprehensive protection.
• Use role-based rules or ownership comparisons to determine access.