Okay, let me rewording the question.
How can I make configuration so that the authenticated account is allowed to manager its Party entity?
I tried below configuration but $schoolRepository->findAll() fetches all the schools other than the school assigned to the account only.
=====================
resources:
entities:
'My\Package\Domain\Model\School':
My_Package_Schools_All: 'ANY'
My_Package_Schools_Mine: 'this.name == current.securityContext.account.party.name && this.name != NULL'
roles:
RegisteredUser: []
SchoolManager: []
acls:
SchoolManager:
entities:
My_Package_Schools_All: GRANT
===============================
Can anyone shed some light on this please?