I followed the instructions in the To-Do app in regards to logins, acl, etc. Problem is there are certain instances when a user creates an item within the app, and other users are able to see what that user made.
In one instance I saw that in the database the acl for the item all users could see was set to "*", but I don't know how that's possible if other users are able to create that same item and the acl is fine.
Can someone take a look at my mappings to see if they are correct?