We are trying to separate in our security rules the ability for a user to export data in an app and the ability for a user to export a pdf/powerpoint of their story in an app.
We would like to allow all users to export pdfs/powerpoints of their stories, but only power users to export data.
Currently both abilities seem to be covered by the ExportAppData rule:
action: export data
conditions: resource.HasPrivilege("read") and !user.IsAnonymous()
context: both in hub and qmc
Does anyone know of a way to separate these two abilities or can anyone confirm whether it is/isn't possible?