Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Get certified in Microsoft Fabric—for free! For a limited time, get a free DP-600 exam voucher to use by the end of 2024. Register now

Reply
Anonymous
Not applicable

Restrict access to entire page in a report.

Hi, 

I have a report with multiple pages.  One page has employee costs report for the organization and I want to provide access to this report only to the senior managers.  I did the following to meet this requirement. 

1. Create a role and selected the tables that feed data to this table.  Selected 'hide all rows' as filtering criteria. 

2. In the dataset security in service, add the users for this role and they will be restricted from seeing this report. But the problem lies when there are more number of users. Do i need to manually add each and every user to the security group for this role.   Is there any chance of selecting senior managers who are less in number and rest are all users should be restricted from accessing the report.  Something like 'Not' operator in the filter criteria. 

 

Is there any better way to meet this requirement. 

1 ACCEPTED SOLUTION
Anonymous
Not applicable

Yes using basic row level security.  Thanks for your reply though. Appreciate it. 

View solution in original post

9 REPLIES 9
martinmichalsky
Frequent Visitor

Hi, I know it is a little late, but I was facing similar issue and I fixed it following way:

  1. Hide all the pages
  2. Create Custom buttons for page navigation - 1 button is needed for each page which should be hidden
  3. Add table with user email and role - for me I added additional Flag 1/0 in case user was supposed to see all the pages
  4. Create RLS, so that logged in user see just his email adress and his role - here theoreticaly you don`t need RLS, you could achieve something similar with DAX measure which will check role for logged user via USERPRINCIPALNAME() and SELECTCOLUMNS()
  5. Create Measure for each Button and set up conditional action based on measure`s field value, something like this martinmichalsky_0-1686746769544.png

     

  6. Create 1 more measure which will make text/border transparent in case user is not supposed to see the button
    martinmichalsky_1-1686746833353.png
  7. Add those navigation buttons to each page. 

Users which are flaged, will see the buttons and will be able to click on them; users who are not flagged, wont see some of those buttons. 

 

Please tag as solution in case it helped

BR

Martin 

This is great. I love this a lot. I have set up my two groups to be called 'Restricted' and 'Unrestricted'. Here is the DAX i've used: 

Unrestricted Button = IF(MAX('RLS Key'[Status]) = "Unrestricted", "#FFFFFF00")

My problem is, that when I view as 'Restricted' my button is solid white, but I would like it to be a different colour, and am unsure how to change this? 
WorkHard
Helper V
Helper V

This is way too complicated imo. There should be a native way to set permissions per page.

Sometimes I have multiple pages with different levels of detail. So restricting the entire table would not work in this case.

v-yuta-msft
Community Support
Community Support

@Anonymous ,

 

Have you solved your issue by now? If you have, could you please help mark the correct answer to finish the thread? Your contribution will be much appreciated.

 

Regards,

Jimmy Tao

Anonymous
Not applicable

Yes using basic row level security.  Thanks for your reply though. Appreciate it. 

Anonymous
Not applicable

@Anonymous please can explain how you solved this problem using basic row level security?

v-yuta-msft
Community Support
Community Support

@Anonymous,

 

To be general, you can achieve this by create an additional user table and create one username column in each table, then create a relationship between the User table and each table and create a role on the user table using DAX like pattern:

User[UserName] = USERPRINCIPALNAME()

Community Support Team _ Jimmy Tao

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

In all these examples you are talking of a scenario wherein say 10 people have access, 5 should see 3 pages, 3 of them can see 5 pages and 2 of them all pages. In user table you list all the 10 names/ roles. I created reports which has access to all of of them in our department - so I want selected 10 people to see say 10 pages, 2 people to see all pages, while entire dept can see only 3 pages. I cannot sit and enter email IDs of everyone - is there a workaround? 

Have you found a workaround for this?

Helpful resources

Announcements
November Carousel

Fabric Community Update - November 2024

Find out what's new and trending in the Fabric Community.

Live Sessions with Fabric DB

Be one of the first to start using Fabric Databases

Starting December 3, join live sessions with database experts and the Fabric product team to learn just how easy it is to get started.

Las Vegas 2025

Join us at the Microsoft Fabric Community Conference

March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount! Early Bird pricing ends December 9th.

Nov PBI Update Carousel

Power BI Monthly Update - November 2024

Check out the November 2024 Power BI update to learn about new features.