Access is granted to all users when attempting to use customer properties to manage stream access.
Stream access is set up using customer properties. Only users with the specific custom property should have access to the stream, but all users
are granted access instead.
The current security rule is set up as follows:
Where Project is the name of the custom property.
The condition translates into: ((resource.@Project=user.@Project))
A requirement is needed to be added to the condition.
((resource.@Project=user.@Project and resource.@Project!=""))
A security rule will match every Stream to every user who has assigned the custom property 'Project'.
It is possible to match other resources through this rule for example apps or data connections or it is possible to include them to the existing rule.
This includes that the customer property can't be empty to start working.
If you click on 'Validate rule
' the rule should look like this: