Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Level up your Power BI skills this month - build one visual each week and tell better stories with data! Get started

Reply
Amik_singh
Advocate I
Advocate I

Row Level Security

‎12-15-2025 09:11 AM

When implementing dynamic RLS using the USERPRINCIPALNAME() function on a dimension table, what unexpected data visibility issue can occur if an active one-to-many relationship exists from the secured dimension table to a large, unsecured fact table, and the dimension table has an active relationship to a separate, smaller bridge table?

Labels:
Message 1 of 3
348 Views
1 ACCEPTED SOLUTION
Amar_Kumar
Super User
Super User

‎12-15-2025 09:16 AM

@Amik_singh The unexpected issue is an Incomplete RLS Propagation due to Relationship Ambiguity. If the DAX expression for RLS does not correctly account for the bidirectional filtering (or filter propagation settings) across both the fact and the bridge table paths, the user might see some fact data filtered correctly, but the relationships involving the bridge table could inadvertently expose related records that should have been masked, thus bypassing the intended security filter on the secured dimension table.

View solution in original post

Message 2 of 3
329 Views
2 REPLIES 2
Kmaha986696
New Member

‎12-15-2025 09:16 AM

This can cause users to see more data than expected. Even though the RLS rule is defined correctly on the dimension table using USERPRINCIPALNAME, the issue comes from how filters move through the model. When the secured dimension has an active relationship to a large fact table and also another active relationship to a smaller bridge table, the bridge can introduce extra keys into the filter context. Those keys can then flow back into the fact table and expand the result set. As a result, fact rows outside the user’s intended access can become visible, without any warning or obvious sign that something is wrong. This is most common in models with multiple active or bidirectional relationships and is easy to miss unless you carefully test using View as role.

Message 3 of 3
328 Views
0
Amar_Kumar
Super User
Super User

‎12-15-2025 09:16 AM

@Amik_singh The unexpected issue is an Incomplete RLS Propagation due to Relationship Ambiguity. If the DAX expression for RLS does not correctly account for the bidirectional filtering (or filter propagation settings) across both the fact and the bridge table paths, the user might see some fact data filtered correctly, but the relationships involving the bridge table could inadvertently expose related records that should have been masked, thus bypassing the intended security filter on the secured dimension table.

Message 2 of 3
330 Views

Helpful resources

Announcements
Fabric SQL PBI Data Days

Data Days 2026 coming soon!

Sign up to receive a private message when registration opens and key events begin.

New to Fabric survey Carousel

New to Fabric Survey

If you have recently started exploring Fabric, we'd love to hear how it's going. Your feedback can help with product improvements.

Power BI DataViz World Championships carousel

Power BI DataViz World Championships - June 2026

A new Power BI DataViz World Championship is coming this June! Don't miss out on submitting your entry.

View All