Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.

Reply
prathyoo
Helper III
Helper III

Dataset Read permission and build access

‎09-29-2022 11:57 AM

Hi,

 

We have a dataset Dataset 1 (with RLS) in a shared workspace - Workspace 1.

 

We have an user who has viewer access to a workspace - Workspace 2. There is a report in Workspace 2 which is built using live connection to Dataset 1. For the user to be able to access the report, we have added the user to Dataset 1 with only "Read" permission. The user is not part of Workspace 1. We have not provided Build access to this user. But, we have added the user to a role using Dataset 1 -> Security.

 

Interestingly, the user opened the report in Workspace 2 and clicked the option of "View Dataset". From this view, the user could click the Create Report icon and actually open the dataset in the user's "My Workspace". The user had access to all the tables in the dataset and seemed to have Build access to the dataset.

 

Has anyone seen this. Is there any way to find the granular access control of a user and the path by which a user has been granted particular access to a dataset.

Labels:
Message 1 of 4
446 Views
0
3 REPLIES 3
GilbertQ
Super User
Super User

‎10-05-2022 10:22 PM

Hi @prathyoo 


It appears that the user might have additional access elsewhere.

 

You can try and use the Power BI Scanner to see if that gives you any additional insights, here is a link on how to get this configured: Using the Power BI Scanner API to Manage Tenant's Entire Metadata -





Did I answer your question? Mark my post as a solution!

Proud to be a Super User!







Power BI Blog

Message 4 of 4
340 Views
0
GilbertQ
Super User
Super User

‎09-29-2022 04:57 PM

Hi @prathyoo 

 

Yes that is working as expected because the user can read all the data (table and measures) from the dataset. RLS would also be applied when the user drags and drops tables/measures.





Did I answer your question? Mark my post as a solution!

Proud to be a Super User!







Power BI Blog

Message 2 of 4
388 Views
0
prathyoo
Helper III
Helper III
In response to GilbertQ

‎09-29-2022 10:33 PM

Thanks @GilbertQ ,

 

I have another user who has been setup exactly as the first user i.e. only Read permission on the dataset. This user sees the below -

prathyoo_0-1664515326554.png

This is what we want for the first user too i.e. Read only access to the dataset without the ability to create reports. But, currently, the user sees this -

prathyoo_1-1664515482688.png

We checked the user's group membership. We have only limited set of users belonging to to two groups and the Admin/Contributor/Member of Workspace 1 who have build access to the Dataset 1. Everyone else has Read permission only. There are no apps built on reports using this dataset. I have deleted all links of reports (that I have access to). Most of the links that I had created had Read,Reshare permission. But, I get to see only links and apps from reports in workspaces that I have access to. Since there are two groups of users with build permissions, I am not sure if they have built reports on the dataset, stored it in a workspace that I cannot access and provided links to others with Build access. That is why I needed some API call or interface to check the reason for an user receiving "effective" build permission even though the user was only assigned Read permission by me.

Message 3 of 4
380 Views

Helpful resources

Announcements
Microsoft Fabric Learn Together

Microsoft Fabric Learn Together

Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City

PBI_APRIL_CAROUSEL1

Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

View All
Top Solution Authors
View All
Top Kudoed Authors
View All