I'm writing an ERP application now and I'm trying to figure out how to implement Row Level Security. In my application access list is based on users and roles. I know I can block single users from doing actions in controllers, but how can I block them from getting all records (they'll get only records they can see) or related records (same here)?
I hope you can help me. Best regards!