I have one class: ClassA and 2 Roles(Groups): Role1, Role2.
users from Role1 and Role2 can work with only own objects from ClassA. This is means Role1 may create, edit, view and delete only objects, which it created before. Role2 have same permissions but for own objects.
How it configure:
1) can it works on editor attribute?
2) if yes: how configure filter display list?
1) need to create domain between Roles and ClassA?
2) if yes: how configure that, when user Role1 create new object, it automatically appointment this Role1 for this object?
can I use for automatically fiiling attribute reference with group users?
for example, user "Ann" create obj ClassA which contain an attribute reference (domain ClassA - Groups of Users). This attribute for Users "Only for Read" but system for filter reference fill domain for "Finance depapartment", like at user "Ann"?
how confugure filter reference for that?
Ann is operator Group named "Finance depapartment".
LoginUser (filled by trigger from user table depending on responsible user)
For a user group I have to limit the visibility of entries to those, the LoginUser is responsible for.
I have created a working standard filter, but users can disable it. So, it is not secure.
So, a function for use as filter in the groups & permissions section is needed.
I did some tries with the jsonb expression from the filter (@MY_USER), mentioned above - no success.