I’m trying to setup security groups in the following way
Group1 - with attached role with access to own records only
“group admin” - with additional role attached directly to the user with Group access + list view for any other records
Group2 - all the same etc
all works as expected, but I found a security problem
even though “group admin” cannot open a record made by other groups from the list view, its possible to access any data by selecting columns
is it a bug, or I configured it incorrectly?
I know I can hide columns completely in Studio, but I was hoping to give users flexibility on this