@v-tejrama , thanks for your help. I try the file that you gave. In that the isue is that lets take Max who is M3. so he should see only his data and the people who report to him. but when i try i can see that the Name his M1 , M2  is also coming. Actually it should not be the case. as he don't have oeverall access. then he should see only his name and the people who are reporting to him. 
And other thing is that i needd this M1 to M4 in filter. so in that case what is the relationship we need to create.

Hello @unnijoy ,

Thank you again for the detailed feedback. you're right in your observation.

In the current model, since Max has access to Gilly’s data (as her M3), the full row including M1, M2, M3, and M4 is visible. Power BI RLS restricts row-level access, but it does not blank individual column values in that row.

This is why Alex (M1) and Grace (M2) are still shown they belong to that row which Max is authorized to view.

Consider below points:

• We can create secure versions of M1–M3 using DAX that hide those names unless the current user is authorized (or)
• If you want to display only the hierarchy (M1 to M4) relevant to the logged-in user, you can achieve this by leveraging the existing UserHierarchyMapping table. First, create a relationship between UserHierarchyMapping[Employee] and HierarchyTable[M4]. This links each user to their respective hierarchy row. Then, apply a visual-level filter or slicer on the HierarchyTable using the condition [Manager] = USERNAME(). This ensures that only those hierarchy rows where the logged-in user is the manager) are shown in the report. As a result, users will only see the M1 to M4 combinations that belong to their reporting tree.

Thank you.

@v-tejrama Thanks for the explanation. Here in our case. we should only show the data that the user is authorized to see. So if we are not adding All access. then they shouse see only the people who are reporting to them. In the above explantion you said that we can hide that using a DAX. can you pls show how that DAX will be.

Hi @unnijoy ,

Thanks again for your clarification and follow-up.

I’ve now reproduced the scenario exactly as per your latest requirement where users should see only the data they are authorized to view, and all higher-level hierarchy values (M1–M3) are masked if not authorized.

In this updated solution:

• If a user is not granted full access, they will see only:
• Their own data
• Data of users reporting directly or indirectly under them (based on the hierarchy path)
• M1, M2, and M3 columns are now dynamically masked using DAX measures, so unauthorized users cannot see manager names above them in the hierarchy.
• Users with IsFullAccess = TRUE (like Alex, Tom) will see the entire dataset.

I’ve attached the .pbix file and screenshots for your reference. You can use “View As” to simulate different users like Grace, Max, Gilly, etc., and validate how the secure hierarchy behaves across levels.

Th@unnijoy,ank you.

@v-tejrama thank you very much. We are almost their. I need to use the M1 to M4 as a drop down filter. But in this case when i use M1 to M4 as filter and then view role as Red i can see all the name from M1 to M4 . How can we set so that only the people how they have access should come in the filter.

So as per my case only the name Red should come here. as he is M4 and no one report to him. how can i set that. Rest all are good.

Hi @unnijoy,

Thanks again for your detailed feedback and scenario clarification.

I’ve now fully implemented the expected solution including:

• Dynamic Row-Level Security (RLS)
• Masked Hierarchy Columns (M1–M3)
• Secure Dropdown Slicers that show only authorized values per user

Users without full access now:

• See only rows where they are in M1–M4 path
• See only M1/M2/M3 names that they are authorized to view
• Have restricted slicer options using secure filtering measures (e.g: M1_Filter_Visible, M2_Filter_Visible, etc.)
  
  

I tested this using “View As”, and the output matches your expectation e.g: when viewing as Red, only Red’s data appears, and slicers show only relevant hierarchy names.

I’ve attached the .pbix file for your reference. Feel free to test with different roles like Max, Grace, or Gilly using “View As”.

Thank you.

Tejaswi.

@v-tejrama , thanks for the help. One last question. 

If i have some user's  who are not part for M1 to M4. But i need to give them access to see the sales.

Below are some of the cases.

Name       Access
Nithin        M1
Ullas          M1 M2 M3

Vicky          All

The above users are not part of any of this M1 to M4. But i need to give them access. how can we achive this.

Hi again @unnijoy ,

yes, this can be achieved. For users like Nithin, Ullas, and Vicky, who are not part of the main M1–M4 hierarchy but still require access, we can handle them by extending the logic in the existing security model:

• We can add them to the UserAccess table with a custom field like AccessScope to define which levels (e.g: M1, M2, M3) they should have visibility into.
• Then, we adjust the secure masking DAX measures (like M1_Secure_Measure, M2_Secure_Measure) to honor this scope.
• Users like Vicky, who need full access, can be granted it by setting IsFullAccess = TRUE, and they will see all data without restrictions.

This approach keeps your RLS intact while allowing non-hierarchy users to securely view only the relevant parts of the report.

 
Thank you.