In order to give Bubbler’s the ability to fundamentally secure the app, I believe that it’s imperative to have separate read and write privacy rules. Right now the privacy rules are “view and modify” all in one.
I know that you can indirectly specify a “write” rule by adding a condition to a workflow but that solution is not nearly strong enough because of two reasons. Firstly, even advanced developers struggle to take into account write rules at the application level during development (it’s just to much to mentally juggle). Secondly, these workflow conditions only protect at the application level, they don’t protect any lower than that (unless its a server-side workflow).
If you agree with this, please upvote the idea here: https://bubble.io/ideaboard?idea=1681236673100x256481411190751230