My Pages Bypassing User Role Access
My organization has been using Role Access on the New UX app pages to open/close certain processes that our end users complete. For example: Funding requests for the next fiscal year are only solicited during a 3 week timeframe. We assign access to the user roles which need to access the app page(s) and once the period is over, access is subsequently removed.
I just found out that if a user creates a My Page of this app page, then they will retain access to continue submissions even after the "original" app page access is removed. I am in the process of adding Boolean checks and Write Access Drivers to the underlying modules to prevent this. Without turning off My Pages for the module itself, as we do want end users to use this functionality, what would be the best course of action to prevent these kinds of unintended access?