We ran in to an issue during the functional testing of PBCS application - A user has read access to an entity. When he selects the entity in the POV of a webform and just clicks on “Save” , the run on save business rule picks up the entity from the POV of the Webform and modifies the data. It is intended to work this way if the user has write access to the entity. However in this particular use case the user has only read access to the entity. Is there a workaround to prevent this scenario from happening?