I have recently published a Shopify app that allows stores to write to the DB, as well as an exterior application managed by administrators.
Currently my rules are on the
