Me and my BI team have experienced some trouble regarding to Data Security these past couple days. The problem we had was that one certain user, which was not able but to see his own Business Unit's data, reported that he had access to all the data on the report and not only the one that he was supposed to have available.
We checked all the different data security levels, and there was nothing that could explain what was happening. The user was included on the Row Level Security list (and the user was properly linked to just his own Business Units); and the user had no administrator, nor writing rights over the data.
This only happened on the Cloud Service, where this user had access to all the data, while on the desktop PBI application everything was right.
After some weeks, we check again in Cloud if this user still has access to all the data, and the problem was somehow solved. Now, the user could only see his Business Unit data.
After doing some checkings with the same user changing his securities on all different levels, we realize that after having had access to all the data, once you rearange the securities so it turns back to the previous stage, this user can still see everything on the Cloud report as if administrator rights were still granted.
We repeated the process with other random users that had not experienced this problem before, and the same happened: after having had administrator rights and being included on the RLS list, once these changes are rearanged, they still have access to all the data on the Cloud report but not on the Desktop one.
Conclusion: is it a matter of processing time? Does the Cloud Service need any specific amount of time to process these changes and show the data as it is suppossed to be? How much time can it be?
The data model is composed of 12 tables, and the largest one has around 20,000 rows.
Thank you very much in advance for your time and help.
Please correct me if I wrongly understood your issue .
You mentioned that "after having had administrator rights and being included on the RLS list, once these changes are rearanged, they still have access to all the data on the Cloud report but not on the Desktop one." , it means you assign admin permissions to the user and then cancel these permissions , they can still see all the data ? After a while, they see the data that they should see, right?
Community Support Team _ Ailsa Tao