Find everything you need to get certified on Fabric—skills challenges, live sessions, exam prep, role guidance, and more.
Get startedGrow your Fabric skills and prepare for the DP-600 certification exam by completing the latest Microsoft Fabric challenge.
Hi All,
I would like to implement RLS for Manager and Supervisor setup for below sample table.
In this example, A is a Manager and B and C are not Managers.
For B and C they should see only their details,
For A should see all the Country details, because A is a manager.
Employee | Country | Manager_Y/N | |
A | aaa@test.com | UK | Y |
A | aaa@test.com | UK | Y |
B | bbb@test.com | US | N |
C | ccc@test.com | CAN | N |
Appreciate your help!
HI @renjithpbi,
I think you can add to extract the manager field value as condition. If the current user is manger, not apply filter on the user email field and he can view all records.
If the current user not the manager, use current username as RLS filter condition on the email field to filter records.
Row-level security (RLS) with Power BI - Power BI | Microsoft Learn
Regards,
Xiaoxin Sheng
Sorry, I am re writing my request once again here , that Manager also can be Supervisor where when A logs in,
He should see Country UK + CAN so he should see Sales = 35, B and C should see their sales.
Employee | Country | Manager_Y/N | Sales | |
A | aaa@test.com | UK | Y | 10 |
A | aaa@test.com | UK | Y | 20 |
B | bbb@test.com | US | N | 15 |
C | ccc@test.com | CAN | N | 25 |
A | aaa@test.com | CAN | N | 5 |
HI @renjithpbi,
Did you mean if user is the manager, he should be permission to view the country records which he managed and his records?
If that is the case, you can try to use the following formulas if suitable for your requirement:
VAR ManageredCountry =
CALCULATETABLE (
VALUES ( Table1[Country] ),
FILTER (
ALLSELECTED ( Table1 ),
Table1[Manager_Y/N] = "Y"
&& Table1[Email] = USERPRINCIPALNAME ()
)
)
VAR isManager =
COUNTROWS (
FILTER (
ALLSELECTED ( Table1 ),
Table1[Manager_Y/N] = "Y"
&& Table1[Email] = USERPRINCIPALNAME ()
)
)
RETURN
OR (
AND ( isManager > 0, Table1[Country] IN ManageredCountry ),
Table1[Email]= USERPRINCIPALNAME ()
)
Regards,
Xiaoxin Sheng
Do you know anything about RLS? What's your issue on implementing this?
You should just create a rule, check if the user loggedin is B or C and if so filter the table as you want.
If you have a specific issue please detail it, if not just check a video on youtube on how to implement RLS
User | Count |
---|---|
77 | |
74 | |
63 | |
61 | |
45 |
User | Count |
---|---|
108 | |
102 | |
93 | |
83 | |
64 |