Using CONTAINS is a PROTECT Rule

kklosson

I am pretty knowledgeable about using protect rule as I have a multi-tenant application and use them all over the place.
After about 5 hours of work and a thorough search of the board, I am stumped. I have an attribute called HideFrom that captures the full name of an investigator (one or more). The length is 250. If the LoggedIn investigator's full name is found in the attribute, I want to READ PRORECT the object.

Here is my basic syntax that should work but does not. The result is that all objects are read-protected.
IF Candidate.HideFrom CONTAINS LoggedInInvestigator.FullName THEN READ PROTECT Candidate from Investigator.

Here is something that works as expected, but is obviously is not what I want as an outcome:
IF Candidate.HideFrom IS DEFINED THEN READ PROTECT Candidate from Investigator.

Other tests also work fine such as:
IF Candidate.LastName='Smith' THEN READ PROTECT Candidate from Investigator.

I tried something literal:
IF Candidate.HideFrom CONTAINS 'Bill' ==> This would resolve as TRUE
But again, no records we visible.

Conclusion:
Using the HideFrom attribute in conjunction with CONTAINS results in all records being read-protected.
Using the HideFrom attribute in conjunction with IS DEFINED or IS UNDEFINED produced expected results.
Can't use CONTAINS in a protect rule?

aware_support

Have you checked the rule log?

kklosson

I do not see the rule being executed.

BSV sent as per request.

Jaymer

Try using INDEX_OF to search for the Investigators Name.

aware_support

When the value is undefined CONTAINS doesn't work properly. So your rule should look like this:

IF Candidate.HideFrom IS DEFINED AND Candidate.HideFrom CONTAINS LoggedInInvestigator.FullName THEN READ PROTECT Candidate from Investigator