First some rant:
I’m novice in backendless, migrating from Parse. I have carefully read documentation about data security, read FAQs about it and searched through many forum’s topic where “Roles” mentioned. And I’m still confused. And after my forum search I can say that a few typical questions about roles/security/permissions are repeated times and times again.
Backendless team can tell that rules are actually simple and straightforward. But the same repeated questions are good indication that current explanation isn’t enough.
I can believe that backendless security model is great and highly customizable, but Backendless team should realize importance for new devs to fully grasp security rules and to be 100% sure of how will it work.
Idea:
unfortunately, I don’t have simple idea to improve current situation. I can say what could work for me - to have instrument that would allow quickly run test queries and show step by step what rules were applied, what and why was granted/denied in final. Something like when you debug CSS (rules precedence, final computed, etc).