Privacy rule for intersects with


  • Organisation
  • Department
  • Article
  1. When a user is added an organisation is assigned to them
  2. Departments are also selected for them (list of departments)
  3. When an article is published it belongs to an organisation and it can be tagged (list of departments) so only users who belong to those departments can view the article.


  • I have a privacy rule in the organisation, so only users who belong to that organisation can view that organisation’s articles

What is most efficient & secure way to allow users to view articles tagged with departments they belong to. At the moment I’m doing it with a search in a repeating group using “Intersects with”.

Ideally I want to do the search on the server side and also have a privacy rule in place for this (something like… Articles departments contains current users departments)


Anyone got any advice?

This is what I’m trying to do:
Each person can belong to many departments (list of departments)
Each article can belong to many departments (list of departments)

The only way to display articles that belong to a users department (the departments they belong to) is to use Intersects with. But this is all client side.

SO is the alternative…

To create multiple articles of the same article but tag each with only one department. This way I can use a privacy rule (current users department contains article’s department) to keep all the filtering on the server side.