Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Be one of the first to start using Fabric Databases. View on-demand sessions with database experts and the Microsoft product team to learn just how easy it is to get started. Watch now

Reply
DebbieE
Community Champion
Community Champion

Role Based Security stopping certain users from accessing drill through reports

I have a report with all the top level visualisations without any detailed data

 

I have drill throughs set up to detailed reports containing the underlying data

 

Ive looked at role based security but I cant see how you could stop certain users from drilling through to the underlying data

 

Does anyone have any ideas on this?

 

Thanks in advance

5 REPLIES 5
v-juanli-msft
Community Support
Community Support

Hi @DebbieE

create three tables and relationships as below

6.png

Manange rold as below, see details here 

https://docs.microsoft.com/en-gb/power-bi/report-server/row-level-security-report-server

8.png

 

 

Add [details] in the table visual on page2, add [Category] from "top level" table in the Drillthrough filter field

7.png

 

add [category] from "top level" table in the table visual on Page1,

view as specific role, click ok, then drillthrough to page2

10.png

 

As tested, user "dale" can only see his own data.

 

 

Best Regards

Maggie

 

 

Community Support Team _ Maggie Li
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Ive set up exactly as stated but its not worked.

 

Ive tried testing in service as ell as the desk top but you can see the detail of every row no matter who you log in as

 

Test1A.GIF

Hi @DebbieE

1. Make the relationship between "Toplevel" and "details" tables "single direction".

 

2.create RLS formula in the "User" table as my screenshot shown.

 

3. the "user" column in my test is the account which users use to log in the power bi instead of users' names.

for example, i user the following to sign in power bi.

ljj@organization.domainname.com

 

4. if you publish the pbix report to an App workplace where members have edit permission, then RLS doesn't work.

please only give view permission to your users.

 

Best Regards

Maggie

 

1. Make the relationship between "Toplevel" and "details" tables "single direction".

 

Ahh this was cross filter direction Both. Changed to Single

 

2.create RLS formula in the "User" table as my screenshot shown.

 Already done

 

3. the "user" column in my test is the account which users use to log in the power bi instead of users' names.

for example, i user the following to sign in power bi.

ljj@organization.domainname.com

 

Same as ours. Understood

 

4. if you publish the pbix report to an App workplace where members have edit permission, then RLS doesn't work.

please only give view permission to your users.

 

Im the only one with Access in my App workspace. I added the other person as a contributer if thats what you mean? These havent been added into the App yet Im just testing in the workspace. Do you mean  add them to the App workspace OR just add them to the actual app?

 

Now I am seeing different behaviour. I can see everything all the time which now makes sense because Im the owner. I didnt realise that before

 

My other users password now cant see anything at the top level 'The visual Contains restricted data'. So this hasnt worked because its restricting the top level. I have just checked again and my relationships are identical to your screenshot

 

Test 1: Add other user to App (Not app workspace)

           I can see everything. Other user - The visuals contain restricted data

 

Test 2: Take other user out of App and Add to App workspacec as Contributor

           I can see everything. Other user - The visuals contain restricted data

 

Test 3: Chage App workspacce to Member

           I can see everything. Other user - The visuals contain restricted data

 

Test 4: Chage App workspacce to Admin

           I can see everything. Other user - The visuals contain restricted data

 

I think I have figured out the issue. I have been testing in service without first adding them as members. Although now I just cant see any data for each member rather that it being restricted

 

I still down understand how row level security works with 

1. Adding people to the app workspace (People you work with and work on the project)

2. The App (People who just view the reports)

Fantastic.

 

I will go through this this morning and let you know how it goes

Helpful resources

Announcements
Las Vegas 2025

Join us at the Microsoft Fabric Community Conference

March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount!

Dec Fabric Community Survey

We want your feedback!

Your insights matter. That’s why we created a quick survey to learn about your experience finding answers to technical questions.

ArunFabCon

Microsoft Fabric Community Conference 2025

Arun Ulag shares exciting details about the Microsoft Fabric Conference 2025, which will be held in Las Vegas, NV.

December 2024

A Year in Review - December 2024

Find out what content was popular in the Fabric community during 2024.