I want to make it s.t. a user can see a document only if he created it AND he has a "subscriber" label.
Here's my current setup:
- Collection-level permissions: only users with with the "subscriber" label can create documents. No other permissions are given.
- Document-level permissions: when creating a document, I pass the following permissions array:
`[
Permission.read(Role.label('subscriber')),
Permission.read(Role.user(userId)),
Permission.update(Role.label('subscriber')),
Permission.update(Role.user(userId)),
Permission.delete(Role.label('subscriber')),
Permission.delete(Role.user(userId)),
]`
Yet it doesn't work. It works as if it's OR operator between the permissions, not AND.
What I did: researched documentation, watched official videos, tried to change this setup. Probably I'm missing something obvious. Please help.
TL;DR
Developers want to group permissions as a logical AND. Current setup uses collection-level and document-level permissions with an array of permissions including read, update, and delete. The issue is permissions seem to act as an OR operator instead of AND. Looking for help to resolve this issue.
