Hi all,
We’re working in Foundry Code Repositories and have a scenario with two ontology objects: List and ListItem. Each ListItem is linked to a List via an ID field, and each List has a sharedWith property that determines which users can access it.
Goal:
We want to enforce that only users who are included in a List’s sharedWith property can view its associated ListItems.
What we’ve tried:
-
TypeScript v2 Function:
We imported both objects as resources and tried to filter access in code, but we’re concerned about security of this approach since calling the function from our client code requires the object to be a resource (and fetching from it is an option). -
Restricted Views:
We attempted to use restricted views to enforce row-level security, but struggled to make it work due to the connection betweenListItemandList(i.e., filteringListItemsbased on thesharedWithproperty of their parentList).
Has anyone successfully implemented this kind of access control, where permissions on a parent object (List) restrict access to linked child objects (ListItem)? Are there best practices or solutions for enforcing this relationship securely in Foundry, especially when using restricted views or TypeScript functions?
Any advice or examples would be greatly appreciated!
Thanks!