Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.

Reply
chris_k
Helper I
Helper I

Complex Security Model

‎01-10-2019 08:39 AM

Hello,

 

Im trying to achive a slightly more complex security model than just a single filter.

 

The idea is to filter the table named "Security" using RLS with USERPRINCIPLANAME() to filter that table.

 

The security levels are 1 to 4 with 1 being the highest and 4 the lowest.

So:

  • If a user has a level of 1 on a project they should see all sources that are tagged 1, 2, 3, or 4 but also be locked to only the projects they can see.
  • If a user is a 2 then they shouldnt be able to see any data that is tagged with a level on 1.

I have attached a link to an example file that works perfect for just the single project level filtering but I need to involve the security columns too. 

 

Example.pbix

 

Can anyone offer any advice on how this could be done?

Labels:
Message 1 of 2
418 Views
0
1 REPLY 1
sturlaws
Resident Rockstar
Resident Rockstar

‎01-10-2019 03:19 PM

securityModell.PNG

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Hi Chris_k, you could try to split up your security table in to parts, one  cointaining the project a user is entitled to see and one with the security level of the users for each project. 

In the security level table, create a new column which is a combination of project and security level, projectSecLvl. Create the same column in table 1 and table 2. Add many-to-many filters between security level table and table 1 and table 2, with filter direction from securityLevel to table1/table2.

Add filter in the manage role window on both security and securityLevel where email=userprincipalname().

It works with the simple example file you provided, but I have not tested it for larger data sets so not sure if that works. 

Your sample file does not contain any examples of the type security level 1 should see all other levels. A way to solve this could be to add all the levels for a user in the security level  table. E.g. if user1 has security level 1 = 1 on project X7, then add rows to the security level table for user 1 for project X7 level 2,3 and 4.

 


regards,
Sturla

Message 2 of 2
403 Views
0

Helpful resources

Announcements
Microsoft Fabric Learn Together

Microsoft Fabric Learn Together

Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City

PBI_APRIL_CAROUSEL1

Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

View All