According to documentation here:
In the Security section, it shows an example and says:
"That can be prevented, by explicitly declaring in the rules that the caching should be applied to alice only."
However, in implementation, Each json stanza is applied as an OR condition.
Matches ANY condition and not ALL as expected.