Dear All, Model: Entity ‘A’ has a cross module association with Entity ‘B’ (ModuleX.EntityA_ModuleY.EntityB). User (CurrentUser) has a cross module association with Entity ‘B' (UserManagement.Account_ModuleY.EntityB). Entity ‘B’ has an integer attribute: ‘Level’ (ModuleY.EntityB/Level) In ModuleX.EntityA acces rules I want to constrain access to objects of Entity ‘A’ over the association with EntityB to those where the integer value of ModuleY.EntityB/Level are the same or higher (>=) as the Level value of the CurrentUser Object (the 'Level' attribute value of the EntityB object that has an association with the CurrentUser). I can’t figure out how to correctly formulate this in the Entity Access Rules. Mainly because it seems that I can only start the path from EntityA. I thought I would be able to do something like: Access rule constraint of EntityA: [ModuleX.EntityA_EntityB/ModuleY.EntityB/Level >= UserManagement.Account[id=‘[%CurentUser%]’]/ UserManagement.Account_EntityB/ModuleY.EntityB/Level] The above doesn’t work. Is the above scenario possible to achieve? If yes, could somebody perhaps help me out with some pointers? Thanks!
You are not able to start the xpath from any entity. E.g the first part of your xpath is ok but after the equasion you cannot start it at user management.account. If you really want something like this you would need to work with a level entity that is linked to the entity and to a user. That way you are able to constrain the user to the currentuser.