Hiding URLs from non-signed in users

In general I would like to understand better what happens in app where sign in is optional only for users in the users table, and all other see a public app.

On the highest level, I understand that I can set the visibility condition of a navigation item (visible if user email is signed in user). Great, now they don’t see the tab I want hidden from them. But what if they get a link to it? Will the be able to view it?

Furthermore let’s say I have a collection, where the detail screen is only for signed in users. I can set up an action that when clicked by a non signed in user, they get a notification and bumped back to the home page. Their personal entry into that detail now is now unavailable. But What happens if they are given a link to that detail screen? Will it work for them?

My test shows that if you have a collection on a completely public tab, then if you share a details screen URL of an item of that collection, then it’s accessible for any non signed-in users.