When creating a rule, you specify a collection, predicate/s, and smart functions. That rule can then be connected to particular users and auth records.
For example, a user can be connected to a rule regarding the
person collection and the
person/handle predicate. If they issue a query or transaction that includues
person/handle, then the smart functions attached to the rule are triggered.
If all of the smart functions return true, then the transaction goes through or the query results get returned.
If at least one of the smart functions returns false, then the transaction is rejected, or, in the case of a query, the results are returned without
To learn about the structure of rules and how they are connected to auth records, the Permissions Lesson is a helpful resource to learn more.