Help creating access group constraint


I am trying to allow a employee to only see some records which include his department in the list of departments shared with.

Hi, I’m not sure I understand your scenario. I think more details will help.

The following page has a more simplified example, restricting visibility to records created by the user. Constraints - CUBA Platform. Developer’s Manual

{E}.createdBy == userSession.user.login

I am not familiar with the department property. Is that a custom property created by you? If you extended the User entity to include department and department is part of the entity, then you could do something like:

{E}.department == userSession.user.department

Is department a custom session attribute of the access group? Like described here: Session Attributes - CUBA Platform. Developer’s Manual Then you could do something like this:

{E}.department == :session$department

Thank you, i have managed using

{E}.department == userSession.user.department