I'm not sure the best way to do this, at the time of writing, this can be accomplished with before read rules. I don't like this but, it would make life pretty simple. Just modify the query appropriately for the logged in user.
If they only can see their records, when they do a search for preferences containing language, then append { userId: session.user.id } to each of their queries.
Another option would be to make another folder for these kind of rules where by role we limit what they can see.
I'm not sure the best way to do this, at the time of writing, this can be accomplished with before read rules. I don't like this but, it would make life pretty simple. Just modify the query appropriately for the logged in user.
If they only can see their records, when they do a search for preferences containing language, then append { userId: session.user.id } to each of their queries.
Another option would be to make another folder for these kind of rules where by role we limit what they can see.