Realm sync permissions rules allow write only from functions

How to configure the Realm Sync permissions so that users can write from within (specific) functions, e.g. a function “increaseCounter” that will check if certain conditions are met and then increase a value in a document by 1.

The users should not be allowed to change this value themselves (which they would be able to if i gave them basic “write” access, so this is where my question comes from. They should only be allowed to call this function).

How do I define that in the Sync permissions section?