This looks promising. I’m looking into it. Though I had wished for a code-based conditional operator method of accomplishing the goal, this method looks like it could get me further toward what I had hoped for. Thank you!
I think this solution (using access group) is the one that will cover more scenarios (browse screen query, custom queries using datamanager, rest API, and maybe more situations that I’m not aware of :)).
Of course you can implement without using this cuba feature, it depends on what you are trying to accomplish. For example, you can use query conditions. Or maybe change the query completely before opening the screen.
But remember: without using Cuba security subsystem, you will have to implement these constraints everywhere you need them.