I’m trying to wrap my head around privacy rules, and I’m wondering how one should handle privacy rules that do not directly connect to the user or the requested data.
Let’s say for example that I have a type “Transaction” that contains 2 fields: Buyer (a User) and Seller (a User as well). Each new transaction would be an entry in the transaction database. Since there might be many transactions, I don’t want to store them as lists in the users. That would mean duplication and big lists, which I’ve read might be a problem. And there is a limit to a list size anyway. Which would be a problem for an evergrowing list.
Now, let’s say I want to allow Sellers to only have access to the names of the users who have bought from said seller. In terms of query that would mean: search for buyers where seller = current user.
Since I would not have access to the transactions in the user privacy rules, and since lists have limits, I don’t see how I could have the security that I would like to have here. I don’t understand how I can reconcile the limits of the lists and the limits of the privacy rules to actually secure my data as I wish in this use case.
I feel this might just not be possible at all, but I would like confirmation, since this is quite important for my use cases in my current business.
Thank you very much,