Re: Trying to setup RLS based on a dynamic table

cferv_77 · ‎11-03-2023

So I have these tables

- Main table contains the data and it has a 'security column' set to Allowed.

- RLS is just a regular table with Allowed and Denied

- Employees is a table that is "connected" to our HRIS. The logic column that is implemented on who shall have access based on their job title.

I tried creating a relationship between all the tables and then implement the USERPRINCIPALNAME() on the email of the Employees table, but I don't know if the relationship is off or I am implementing RLS wrong. Relationship between Main Table and RLS on the security column, RLS and Employees (cross filter direction = both) on the logic column.

See image below. Appreciate any help on this. Thank you.

christinepayton · ‎11-03-2023

It would help if you shared your RLS DAX I think--

cferv_77 · ‎11-05-2023

Hello @christinepayton

I tried a few RLS DAX

1. [Email] = USERPRINCIPALNAME()

2. [Email] = USERPRINCIPALNAME() && [Access]="Allowed"

christinepayton · ‎11-06-2023

Is your relationship on the allowed/denied column? I'm not sure what the RLS table is doing in your diagram, I think you'd want the RLS rule to be on the Employees table in that case (it'd be acting as the RLS table). This is a bit of an odd way to use it either way, usually you'd use USERPRINCIPALNAME to filter rows with the relationship on an email address field in the fact table.

Trying to setup RLS based on a dynamic table

Helpful resources

Fabric certifications survey

Power BI Monthly Update - April 2024

Fabric Community Update - April 2024

How to Get Your Question Answered Quickly