We have been creating an offline app and entity security is the only way to filter what the app downloads to your device. This is not ideal but its workable. The problem is however that we struggle alot with backend and frontend.
A user can be a backend user and a frontend user at the same time and need different accessrules for both. This gives us a userrole problem. It would make it alot easier if we could choose a different role if we are in the offline app. Or some other way to restrict access rules/data to download for offline use.