Is it possible to configure the security of a table that only some users (the owners) of an entry in a database table are allowed to modify the entry?
For example in a notes ap each note is assigned to a list of users who own this note. All users should be able to see all notes but only the owners of this node shoud be able to edit/delete this note entry.
I only found a solution to filter who can see the note but not who can edit the note.
You will need to create an Action for that. Go to the Actions table. Select the During Update event. Here is an example taken from https://github.com/backand/todos-with-users
// if the current user has an *Admin* role then he is allowed to update a todo for other users
if (userProfile.role == "Admin")
return {};
if (!dbRow.created_by)
throw new Error('Todo with no creator can\'t be updated.');
// do not allow users to change the created by field
if (dbRow.created_by != userInput.created_by)
throw new Error('You can\'t change the creator of the todo.');
// do not allow non *Admin* users to change the creator of the todo
if (dbRow.created_by != userProfile.userId)
throw new Error('You can only update your own todo.');
return {};