ObjectStackSharing
Sharing protocol schemas
Organization-Wide Defaults (OWD)
The baseline security posture for an object.
Source: packages/spec/src/security/sharing.zod.ts
TypeScript Usage
import { CriteriaSharingRule, OWDModel, OwnerSharingRule, ShareRecipientType, SharingLevel, SharingRule, SharingRuleType } from '@objectstack/spec/security';
import type { CriteriaSharingRule, OWDModel, OwnerSharingRule, ShareRecipientType, SharingLevel, SharingRule, SharingRuleType } from '@objectstack/spec/security';
// Validate data
const result = CriteriaSharingRule.parse(data);CriteriaSharingRule
Properties
| Property | Type | Required | Description |
|---|---|---|---|
| name | string | ✅ | Unique rule name (snake_case) |
| label | string | optional | Human-readable label |
| description | string | optional | Administrative notes |
| object | string | ✅ | Target Object Name |
| active | boolean | ✅ | |
| accessLevel | Enum<'read' | 'edit' | 'full'> | ✅ | |
| sharedWith | Object | ✅ | The recipient of the shared access |
| type | string | ✅ | |
| condition | string | ✅ | Formula condition (e.g. "department = 'Sales'") |
OWDModel
Allowed Values
privatepublic_readpublic_read_writecontrolled_by_parent
OwnerSharingRule
Properties
| Property | Type | Required | Description |
|---|---|---|---|
| name | string | ✅ | Unique rule name (snake_case) |
| label | string | optional | Human-readable label |
| description | string | optional | Administrative notes |
| object | string | ✅ | Target Object Name |
| active | boolean | ✅ | |
| accessLevel | Enum<'read' | 'edit' | 'full'> | ✅ | |
| sharedWith | Object | ✅ | The recipient of the shared access |
| type | string | ✅ | |
| ownedBy | Object | ✅ | Source group/role whose records are being shared |
ShareRecipientType
Allowed Values
usergrouprolerole_and_subordinatesguest
SharingLevel
Allowed Values
readeditfull
SharingRule
Union Options
This schema accepts one of the following structures:
Option 1
Type: criteria
Properties
| Property | Type | Required | Description |
|---|---|---|---|
| name | string | ✅ | Unique rule name (snake_case) |
| label | string | optional | Human-readable label |
| description | string | optional | Administrative notes |
| object | string | ✅ | Target Object Name |
| active | boolean | ✅ | |
| accessLevel | Enum<'read' | 'edit' | 'full'> | ✅ | |
| sharedWith | Object | ✅ | The recipient of the shared access |
| type | string | ✅ | |
| condition | string | ✅ | Formula condition (e.g. "department = 'Sales'") |
Option 2
Type: owner
Properties
| Property | Type | Required | Description |
|---|---|---|---|
| name | string | ✅ | Unique rule name (snake_case) |
| label | string | optional | Human-readable label |
| description | string | optional | Administrative notes |
| object | string | ✅ | Target Object Name |
| active | boolean | ✅ | |
| accessLevel | Enum<'read' | 'edit' | 'full'> | ✅ | |
| sharedWith | Object | ✅ | The recipient of the shared access |
| type | string | ✅ | |
| ownedBy | Object | ✅ | Source group/role whose records are being shared |
SharingRuleType
Allowed Values
ownercriteria