Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Be one of the first to start using Fabric Databases. View on-demand sessions with database experts and the Microsoft product team to learn just how easy it is to get started. Watch now

Reply
khalilg
Regular Visitor

Dynamic RLS with complex security module

‎10-03-2021 11:46 PM

Hi,

I'm trying to create a Dynamic RLS for a complex security module,

here are the table structure and relationship:

 

Table 1. Users

UsernameCompany CodeRole TypeAccess ID
AAS 
BAA 
CAR77
DBB 

 

Table 2. Roles

UsernameAccess Detail
A12345
A67891
C77
D97

 

Table 3. Data

IDDateValueCompany CodeRole SRole BRole R
101-01-20211A12345 77
201-01-20212A67891  
301-05-20213A  77
410-01-20214B 97 

 

As it's showing in the above Data Table, User "A" should be able to see the first 2 rows as Role S 12345 & 67891 are linked to user A in Roles Table and user A is in Company "A", User “C” should be able to see row 1 and row 3 as Role R is 77 and 77 is linked to user C and the user is in Company “A”, and finally User “D” should be able to see only row 4 as Role B is 97 and user Company is “B”.
User “B” should be able to see everything as Role Type “A” is Admin.
So, the relationship here is:

  1. Table 1 (Username) -> Table 2 (Username)
  2. Table 1 (Company Code) -> Table 3 (Company Code)
  3. Table 1 (Role Type) -> Table 3 (Role S, Role B or Role R)
  4. Table 2 (Access Detail) -> Table 3 Value of (Role S, B or R)

I’ve tried different type of DAX expression but with no luck so far, any ideas that might help in resolving this?
Thanks in advance,

Message 1 of 2
354 Views
0
1 REPLY 1
lbendlin
Super User
Super User

‎11-01-2021 02:14 PM

@khalilg  Why do you have AccessID as part of the Users table?

 

It feels as if you need to have a concatenated list of Access Details in the Users table, and make them company specific to remove the dependency on Company Code.

 

Username Company Code Role Type Access Codes
A A S 12345|67891
B A A  
C A R 77
D B B 97

 

And then in the RLS rules you can check PATHCONTAINS()

 

Message 2 of 2
255 Views
0

Helpful resources

Announcements
Las Vegas 2025

Join us at the Microsoft Fabric Community Conference

March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount!

Dec Fabric Community Survey

We want your feedback!

Your insights matter. That’s why we created a quick survey to learn about your experience finding answers to technical questions.

ArunFabCon

Microsoft Fabric Community Conference 2025

Arun Ulag shares exciting details about the Microsoft Fabric Conference 2025, which will be held in Las Vegas, NV.

December 2024

A Year in Review - December 2024

Find out what content was popular in the Fabric community during 2024.

View All