Some string permission conditions behave unexpectedly when the value is null

[robere2]

By default, the Guest group currently has permission to read Productions that match the following condition:

{
    "NOT": {
        "teamNotes": {
            "startsWith": "private"
        }
    }
}

This allows us to add the word "private" to the start of team notes in order to make it visible only to members. However, if the teamNotes field is null, the rule check will fail, preventing them from seeing the production, despite the fact that its teamNotes fielld obviously does not start with "private". This may or may not have something to do with the fact that it's an inverted condition (i.e., the NOT).

A temporary workaround for situations like this is to add an explicit condition for when the value is null:

{
    "OR": [
        {
            "teamNotes": null
        },
        {
            "NOT": {
                "teamNotes": {
                    "startsWith": "private"
                }
            }
        }
    ]
}