Function to enforce read access to specific collections in realm

Hi,

I am trying to implement read/write access rules using functions for an application and I would like to know if it is possible to constrain read only form several collections. I am using the functions from @Andrew_Morgan RChat tutorial:

//canWriteFunction
exports = function(partition) {
    console.log(`Checking if can sync a write for partition = ${partition}`);
    const db = context.services.get("mongodb-atlas").db("app_db");
    const subscriptionCollection = db.collection("UserSubscription");
    const billingCollection = db.collection("Billing");
    const user = context.user;
    
    if (partition == "PUBLIC") {
        console.log(`No user can write to PUBLIC partition`);
        return false;
    }
    
    let userPartitionKey = "";
    let userPartitionValue = "";
    
    const splitPartition = partition.split("=");
   
    if (splitPartition.length == 2) {
        userPartitionKey = splitPartition[0];
        userPartitionValue = splitPartition[1];
        console.log(`Partition user key = ${userPartitionKey}; partition user value = ${userPartitionValue}`);
    } else {
        console.log(`Couldn't extract the team partition key/value from ${splitPartition}`);
        return false;
    }
    
    if (userPartitionValue == user.id) {
        return true;
    } else {
        console.log(`User not allowed to write documents`);
        return false;
    }
};

//canReadFunction
exports = function(partition) {
    console.log(`Checking if can sync a read for partition = ${partition}`);
    const db = context.services.get("mongodb-atlas").db("app_db");
    const user = context.user;
    
    if (partition == "PUBLIC") {
        console.log(`Any user can read PUBLIC partition`);
        return true;
    }
    
    let userPartitionKey = "";
    let userPartitionValue = "";
    
    const splitPartition = partition.split("=");
   
    if (splitPartition.length == 2) {
        userPartitionKey = splitPartition[0];
        userPartitionValue = splitPartition[1];
        console.log(`Partition user key = ${userPartitionKey}; partition user value = ${userPartitionValue}`);
    } else {
        console.log(`Couldn't extract the team partition key/value from ${splitPartition}`);
        return false;
    }
    
    if (userPartitionValue == user.id) {
        return true;
    } else {
        console.log(`User not allowed to read documents`);
        return false;
    }
};

I would like to know if it is possible to prevent the possibility for the client apps to write to subscriptionCollection and billingCollection. And only to read from those collections the objects with userPartitionValue.

Thank you!