Solved: Re: Sharing URL and RLS

Anonymous · ‎05-12-2021

I have a report which uses RLS.

The RLS also controls which report pages the user can access.

A user with ihgher rights is presented with a page which allows drill down to details

A user with lower rights is presented with a page that does not allow drill down.

I am aware of how to send a Share Link to another user which does not ignore RLS.

It appears however, if I am the user with higher rights and I am on the report page which allows drill down - if I just copy and paste the URL from the Address Bar of the browser and send to a user with no drill down rights - or even no access to the report - that the URL will work for them and display the report page inheriting my right to drill down therefore.

Is there a way of preventing this?

GilbertQ · ‎05-13-2021

Hi @Anonymous

Yes as mentioned before RLS does not apply to pages. So when you copy the URL you are copying the page to be viewed and the RLS does not apply.

Did I answer your question? Mark my post as a solution!

Proud to be a Super User!

Power BI Blog

View solution in original post

GilbertQ · ‎05-13-2021

Hi @Anonymous

Yes as mentioned before RLS does not apply to pages. So when you copy the URL you are copying the page to be viewed and the RLS does not apply.

Did I answer your question? Mark my post as a solution!

Proud to be a Super User!

Power BI Blog

GilbertQ · ‎05-12-2021

Hi @Anonymous

Please be aware that RLS cannot be applied to pages. It can only be applied to the dataset.

That is why when a link is shared the user will be able to see the page and its contents. You will have to secure the data via RLS on the dataset.

Did I answer your question? Mark my post as a solution!

Proud to be a Super User!

Power BI Blog

Anonymous · ‎05-13-2021

GilbertQ,

Sorry, I should have made my description clearer.

Indeed RLS is applied to the dataset. it is done via an AD group which has been assigned Viewer only access. In addition DAX expressions using the USERPRINCIPALNAME() have been set on the appropriate tables. The RLS is working as expected. The pbix contains a number of report pages to present to a user.

A user with higher rights is presented with a page containing summary information on which drilldown is enabled to bring them to a different page with the details for that summary. A user with lower rights is presented with a similar but different summary page which does not have drill down available. That is all working .

I am also aware of the optins available when using the Share button to tailor the type of link that can be shared with another user - we have tested those and that works as expected too.

However, my challenge is, if I, as a user with the higher rights navigate to my page allowing drilldown, then copy the URL fro the Address bar of the browser and send that to the user with lower rights, then that isbringing them to the page with drilldown that they are not supposed to see. that copied URL seems to go with the higher rights.

This is is the situation that I am asking is it possible to avoid.

Thanks for any advice

Sharing URL and RLS

Helpful resources

Microsoft Fabric Learn Together

Power BI Monthly Update - April 2024

Fabric Community Update - April 2024