Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.

Managed Permissions not retaining after app update

Submitted by Anonymous on ‎10-15-2018 01:51 PM

I am noticing the manage permissions on a dataset for a report are being changed after the app is updated. I have a report that shows Employee Engagement Survey results which ideally would be limited to a select group of users by using managed permissions.  When I first go to managed permissions, there is a lengthy list of users already attached to my report which I need to delete.  I added in a pilot group of users and after updating the app, noticed the initial list of people I had deleted had reappeared.  The permissions setting I had for the pilot users (read only), also changed back to read and reshare.  This is not good for any report that needs to be seen by a smaller or different set of people than what is assigned to the workspace.  We are trying to limit the number of appspaces we are creating as a company so adding additional appspaces for each new viewing group is not a good solution.  I have screenshots to illustrate what I am seeing if required.

Status: New
See more ideas labeled with:
8 Comments (8 New)
Comments
v-qiuyu-msft
Community Support
Community Support
‎10-16-2018 12:42 AM

Hi @Anonymous,

 

I have sent a email to consult this issue internally, will update here once I get any information. 

 

Best Regards,
Qiuyun Yu 

Anonymous
Not applicable
‎10-16-2018 05:45 AM

Much appreciated!

v-qiuyu-msft
Community Support
Community Support
‎10-21-2018 06:31 PM

Hi @Anonymous,

 

I got information below: 

 

It’s by design and PG have a future improvement to hide such settings are it’s confusing with the regular sharing permissions

 

Best Regards,
Qiuyun Yu 

Anonymous
Not applicable
‎10-22-2018 06:53 AM

Thank you for the update.  How best are we to limit the access to any given report?  We will have a larger group of people with access to an appspace, but will need to limit specific reports to smaller groups.  We are trying to limit the number of appspaces so adding additional appspaces is not an option.  This setting seemed to be an easier, more time efficient approach than adding row level security to each report.

 

Thanks for your help in resolving this issue.

v-qiuyu-msft
Community Support
Community Support
‎10-24-2018 02:19 AM

Hi @Anonymous,

 

Currently, we are not able to set differnet permission for differnet users in a same app.

 

You can divide these reports to different app workspaces based on accessed groups. Then publish each app workspace content as a app, share it with corresponding group/user. 

 

Best Regards,
Qiuyun Yu 

Anonymous
Not applicable
‎10-25-2018 08:02 AM

Thanks, as mentioned previously, this is not ideal at all as it will cause our appspace to explode with apps, also causing our end users headaches in trying to locate the correct app to use for their report viewing.  Has there been any discussion to allow creation of a folder structure within the appspace?  i.e. HR app with multiple sub folders underneath which could then correlate to the unique viewing audiences.  Or is it possible to control those permissions within row level security directly in the PBIX desktop created report? Not having the abilty to control permissions at a lower level than app is not going to work.

 

Thanks.

Anonymous
Not applicable
‎11-05-2018 06:53 AM

Any feedback on the above suggestion for allowing sub folder structure?

v-qiuyu-msft
Community Support
Community Support
‎11-06-2018 12:36 AM

Hi @Anonymous,

 

You can vote on this idea: https://ideas.powerbi.com/forums/265200-power-bi-ideas/suggestions/19440916-create-multiple-apps-from-same-workspace

 

Power BI RLS role can be only used for limiting report data access for different users, this doesn't limit permission for the user. It means if we share the same app for users, they can access all reports in the app, but they might see different data in the report depending on which RLS role they are belong to. 

 

Best Regards,
Qiuyun Yu 

Idea Statuses