I have an entity for a request form called RequestForm which is connected another entity called Country and this Country entity is connected to the Account entity. I want to limit the access to the users by their designated countries so I added the following XPath: MyFirstModule.RequestForm_Country/My First Module.Country/Administration.Account_Country = '[%CurrentUser%]' In this access rule they can create and delete and have full read, full write accesses. And I think this one is working. Now, the RequestForm entity also has an attribute called Status, which is an enumeration with the values 'Submitted', 'Approved', 'Rejected'. And I want the users to only be able to edit this form when the status is empty or Rejected. I tried to create a new access rule where they cannot create or delete the object and only have full read access with the following XPath: Status = 'Submitted or Status = 'Approved' I also tried to add the following XPath to the previous access rule: Status = empty or Status = 'Rejected' So they can only write the forms with these status However this isn't working as I can still edit the form after it has been submitted. What would be the best solution?
You can do this in two ways
One with page level. Using conditional editability.
Other with entity level. If you are going with entity level.
You should use two access rules for the same module role. Allow create and delete of objects for the users in the first rule along with xpath constraint as currentuser constraint and status =rejected or empty
In the second access rule just give read access and in xpath constraint include currentuser constraint with status=’approved’ or ‘submitted’ .
Hope this Helps :)
Try adding editability condition to the fields which are editable based on the status value as ‘Rejected’ or ‘Empty’, this might solve your issue