I have a custom entity X and a user User that is assigned a security role Role U.
This user is also a user in a team T that has a security role Role T.
Role U has Basic access level to write entity X and Local access level to read entity X.
Role T only has a Local access level to read entity X.
When a X record is owned by the team T, the user sees an editable form but after a change and save he gets an error for Access Denied on the Write privilege.
Why is that? The entity is owned by the team that this user is a member of.
As soon as I change the write privilege from None to Basic on Role U, the user can edit the record.
The same entity has a custom button that should only be enabled if the user can edit the record. This button has a RecordPrivilegeRule that enables it only when user has e Write privilege on the record.
In the scenario above, where the user could not update the record even if given the correct access level, this button is still enabled. Why is it enabled if the user is getting access error?
I understand that there is a workaround to place the privilege on team level but would like to know if there is something in those privileges that I am not understanding.
Thank you