Item permissions rule is driving me crazy

Directus Cloud user here. I can’t for the life of me figure out how to do this. I’ve tried every permutation possible, I don’t know what I’m doing wrong.

Basically I have an M2M field in my space collection called space_editors, which is related to directus_users. I also have a translations field in my space collection (spaces_translations). Now I wanna restrict update access for spaces_translations only to those users who are in space_editors. So I have added the following rule to spaces_translations in my access policy for update:

spaces_id → space_editors → directus_users_id → id EQUALS $CURRENT_USER.id

Is this correct? I have tried also without using the id:

spaces_id → space_editors → directus_users_id EQUALS $CURRENT_USER

I’ve tried every other way and still when I make a POST request I get a 403. I wanna pull my hair out. It would be nice if there were some feedback in the console or something about what exactly these rules are fetching, ’cause it feels like I’m just playing a guessing game of trying to get this to work. (…yes, all field permissions are checked).

Hello Liam,

This might help: Multi Tenant, Multi Role -> Directus Setup | Loom