There seems to be an issue with security when connecting live to ssas md cube from PBI desktop.
If you have set up security roles in ssas to prevent certain roles from seeing some measures, and then do the following steps, then the outcome is not as expected.
1. Connect to the cube live via PBI desktop fro a user with restricted access to som measures. Hidden measures don'r show up. OK!
2. Reconfigure the ssas security role of the member, to include one of the previously missing members.
3. Update data in PBI desktop. New measure appears. OK!
4. Reconfigure the the same role as in step 2, to not include this measure any more.
5. Update data in PBI desktop. The measure remains visible and is NOT removed! NOT OK!
I've tried clearing the cache from within PBI desktop but that doesn't help. I've also verfied by connecting to the cube via Excel under the credentials of the user, and the measure is not visible there any more. Neither is it visible if I browse the cube from management studio under the same user name. Only in PBI dekstop it remains visible!
Somehow revoking access to the measure doesn't affect PBI, which I'm pretty sure is not how it should be working. Live connection must check access rights "on the fly".
Have tried from different users but always get the same result. Have tried posting the forum but don't seem to get anly replies there. Might be a setting that I don't know about so would be good if anyone could have a look at it and verify if it really is a bug or not.