Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Find everything you need to get certified on Fabric—skills challenges, live sessions, exam prep, role guidance, and more. Get started

Reply
chris_k
Helper I
Helper I

Complex Security Model

‎01-10-2019 08:39 AM

Hello,

 

Im trying to achive a slightly more complex security model than just a single filter.

 

The idea is to filter the table named "Security" using RLS with USERPRINCIPLANAME() to filter that table.

 

The security levels are 1 to 4 with 1 being the highest and 4 the lowest.

So:

  • If a user has a level of 1 on a project they should see all sources that are tagged 1, 2, 3, or 4 but also be locked to only the projects they can see.
  • If a user is a 2 then they shouldnt be able to see any data that is tagged with a level on 1.

I have attached a link to an example file that works perfect for just the single project level filtering but I need to involve the security columns too. 

 

Example.pbix

 

Can anyone offer any advice on how this could be done?

Labels:
Message 1 of 2
435 Views
0
1 REPLY 1
sturlaws
Resident Rockstar
Resident Rockstar

‎01-10-2019 03:19 PM

securityModell.PNG

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Hi Chris_k, you could try to split up your security table in to parts, one  cointaining the project a user is entitled to see and one with the security level of the users for each project. 

In the security level table, create a new column which is a combination of project and security level, projectSecLvl. Create the same column in table 1 and table 2. Add many-to-many filters between security level table and table 1 and table 2, with filter direction from securityLevel to table1/table2.

Add filter in the manage role window on both security and securityLevel where email=userprincipalname().

It works with the simple example file you provided, but I have not tested it for larger data sets so not sure if that works. 

Your sample file does not contain any examples of the type security level 1 should see all other levels. A way to solve this could be to add all the levels for a user in the security level  table. E.g. if user1 has security level 1 = 1 on project X7, then add rows to the security level table for user 1 for project X7 level 2,3 and 4.

 


regards,
Sturla

Message 2 of 2
420 Views
0

Helpful resources

Announcements
Europe Fabric Conference

Europe’s largest Microsoft Fabric Community Conference

Join the community in Stockholm for expert Microsoft Fabric learning including a very exciting keynote from Arun Ulag, Corporate Vice President, Azure Data.

Power BI Carousel June 2024

Power BI Monthly Update - June 2024

Check out the June 2024 Power BI update to learn about new features.

RTI Forums Carousel3

New forum boards available in Real-Time Intelligence.

Ask questions in Eventhouse and KQL, Eventstream, and Reflex.

View All