We often want to control what users have access to what data in our Noloco apps.

The best and most secure way to control data access is by setting up database permission rules by user role. Record-level permission rules determine at the API level what records a particular user can access. This is much more secure than just adding filters to collection views at the UI layer.

In this video, we talk through how to set up record-level permission rules and how to test your permission rules to ensure that they're working as expected.