Hey All, 

I'm trying to build an ACL structure for a scoped application, and one of my requirements is that my users should only be able to see/read records in an Inventory that are assigned to their location. My thoughts are to use an Advanced Script in my Table.None Read ACL: 

var user = gs.getUser();
if (user.location == current.location) {
	answer = true;
}
else answer = false;

But despite verifying that the User's Location (Location 5150) reference was equivalent to the Records' Location (Again, Location 5150), the script returns false every time (and to my frustration, I have no way to log it - gs.info, warn, etc. statements don't output anything, and I can't use gs.log() because scoped app). 

I've also tried cut+pasting the script into my Table.* Read ACL, and it ends up only blocking Read access to the Location reference field, which is even stranger to me. 

The overall structure that I have in place isn't too crazy or complex - I only have one other Read ACL in the system, without any scripts or conditions, and it's unrelated to the role I'm trying to restrict. I should also mention - the Locations referenced are from the cmn_location table, and the ACL I'm running is for a custom table within my scoped application. 

So, here I am now - wondering if I'm even approaching this problem the right way haha. Could you folks help me out? Is it just because the GlideRecord object I refer to in the script isn't for each specific record, or..? For that matter, why am I not able to use logs for this issue? 

Much appreciated,

Vellv