Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Preparing for a certification exam? Ask exam experts all your questions on May 15th. Register now.

Reply
Anonymous
Not applicable

Complex Security Model

‎01-10-2019 08:39 AM

Hello,

 

Im trying to achive a slightly more complex security model than just a single filter.

 

The idea is to filter the table named "Security" using RLS with USERPRINCIPLANAME() to filter that table.

 

The security levels are 1 to 4 with 1 being the highest and 4 the lowest.

So:

  • If a user has a level of 1 on a project they should see all sources that are tagged 1, 2, 3, or 4 but also be locked to only the projects they can see.
  • If a user is a 2 then they shouldnt be able to see any data that is tagged with a level on 1.

I have attached a link to an example file that works perfect for just the single project level filtering but I need to involve the security columns too. 

 

Example.pbix

 

Can anyone offer any advice on how this could be done?

Labels:
Message 1 of 2
479 Views
0
1 REPLY 1
sturlaws
Resident Rockstar
Resident Rockstar

‎01-10-2019 03:19 PM

securityModell.PNG

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Hi Chris_k, you could try to split up your security table in to parts, one  cointaining the project a user is entitled to see and one with the security level of the users for each project. 

In the security level table, create a new column which is a combination of project and security level, projectSecLvl. Create the same column in table 1 and table 2. Add many-to-many filters between security level table and table 1 and table 2, with filter direction from securityLevel to table1/table2.

Add filter in the manage role window on both security and securityLevel where email=userprincipalname().

It works with the simple example file you provided, but I have not tested it for larger data sets so not sure if that works. 

Your sample file does not contain any examples of the type security level 1 should see all other levels. A way to solve this could be to add all the levels for a user in the security level  table. E.g. if user1 has security level 1 = 1 on project X7, then add rows to the security level table for user 1 for project X7 level 2,3 and 4.

 


regards,
Sturla

Message 2 of 2
464 Views
0

Helpful resources

Announcements
PBIApril_Carousel

Power BI Monthly Update - April 2025

Check out the April 2025 Power BI update to learn about new features.

Notebook Gallery Carousel1

NEW! Community Notebooks Gallery

Explore and share Fabric Notebooks to boost Power BI insights in the new community notebooks gallery.

April2025 Carousel

Fabric Community Update - April 2025

Find out what's new and trending in the Fabric community.

View All