ACR Rules

⌘K
  1. Home
  2. Docs
  3. ACR Rules
  4. Security (28)
  5. Access rules in multi-tenant apps should have an XPath constraint

Access rules in multi-tenant apps should have an XPath constraint

Check if these roles have entity access
For multi-tenant apps it is important that users can only see their own data. The previous rule (Access rules leading to a user) require a certain multi tentant setup. This rule is weaker and requires only any xPath on the entity accessed by a certain role.
Add a comma separated numeration of roles for which this rule applies.