Privacy settings for fields that are things in a data model


Imagine this scenario: I have a thing called “Organization”. It has a list of users.

Now, I want to create privacy rules so that a user is only able to see users that are members of the same organization.

I cannot do a search here. I can only access the User object and the current user.

As far as I can see, I have to “flip” the data model, so that a User has the field “Organization”:

That would allow me to do this:

It does not seem really intuitive to me. Every time I want to access the users of an organization, I have to do a search. Wouldn’t that be slower than just listing the users from a field on the organization?

1 Like

Similarly, I have a thing of ‘Invoice’ which has a field of ‘Project’. Project has a user field of ‘Manager’.

In the privacy settings I can set:

This Invoice’s Project’s Manager is Current User

But in reality this doesn’t work. It returns no Invoices. Assuming each Invoice has a Project and each Project has a Manager, should this second level condition work in general?