Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Earn a 50% discount on the DP-600 certification exam by completing the Fabric 30 Days to Learn It challenge.

Reply
Anonymous
Not applicable

Need help with DRLS cross-filter security

‎03-31-2021 08:29 AM

Hi community,

 

I have implemented quite a complex DRLS case, where I use the Userprinciplename() to filter the data based on a permissions table called Dashboard_Permissions. For your understanding, here is the situation:

 

I created a role whereby I filter the Users table (holds all users) using the Userprinciplename() of the current user using Power BI, which filters through to the other tables like this:

 

Users    1 -  *  Requests

Requests  1 - *   Dashboard_Permissions

Dashboard_Permissions  * - 1 Accounting_Divisions_Locations

Accounting_Divisions_Locations  1 - *   Flexera_Evidence_Assets 

 

As you can see, I want to use the unique locations from Accounting_Divisions_Locations  to eventually filter my data (Flexera_Evidence_Assets table) using filter propagation on the Location field. The Accounting_Divisions_Locations table is a dimensional table that contains unique Locations.

 

I can of course use a bi-directional active filter with security filter (between Dashboard_Permissions and Accounting_Divisions_Locations), however I have come to know this is not the most performance-friendly solution, so I need to use DAX.

 

A person usually has a specific Corporate_Unit and Location combination.

What complicates matters is that I have a situation whereby a manager can have access to a certain Corporate Unit and should also have access to all locations under this Corporate Unit. 

 

The structure of Dashboard_Permissions is as follows:

 

 

Permission_IDRequest_IDCorporate_Unit_IDLocation_IDApproved_dateActive
111011NULL2021-03-30 16:06:33.40000001
22100210022021-03-30 16:10:06.18333331

 

 

In the case that Location_ID is NULL, this means that this person(request_id in this case) should have access to all locations under this corporate unit (in this case that is BeCSE/GR), otherwise it should just take the location_id and lookup the value in the Accounting_Divisions_Locations table. I would also have to keep in mind the Active flag (1/0) which indicates if the permission is active or not.

 

An illustration what I want in SQL (using joins and coalesce):

 

Permission_IDRequest_IDCorporate_Unit_IDLocation_IDApproved_dateActiveLocation
111011NULL2021-03-30 16:06:33.40000001BeCSE/GR/Corporate
111011NULL2021-03-30 16:06:33.40000001BeCSE/GR/Datacenter
111011NULL2021-03-30 16:06:33.40000001BeCSE/GR/Store
22100210022021-03-30 16:10:06.18333331BeCSE/BE/Datacenter

 

How can I implement this in DAX when I have two relationships between the Dashboard_Permissions and Accounting_Divisions_Locations table? How do I make sure that the filter propagates through? I want to specify this in the manage roles section.

 

Thank you for your help,

 

Jovan



Labels:
Message 1 of 2
249 Views
0
1 REPLY 1
lbendlin
Super User
Super User

‎04-02-2021 06:51 PM

"I can of course use a bi-directional active filter with security filter (between Dashboard_Permissions and Accounting_Divisions_Locations), however I have come to know this is not the most performance-friendly solution, so I need to use DAX."

 

Make sure you test that assumption on your actual data.  It might not be an issue for your scenario, and it would save you a lot of headache if you can let the data model do the work.

 

Please explain the business scenario for   Dashboard_Permissions  * - 1 Accounting_Divisions_Locations  again.

Message 2 of 2
172 Views
0

Helpful resources

Announcements
PBI_APRIL_CAROUSEL1

Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

View All