Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Find everything you need to get certified on Fabric—skills challenges, live sessions, exam prep, role guidance, and more. Get started

Reply
Mumin192
Helper I
Helper I

Row Level Security with different types of permissions

Hello

I work in a company where we have clients that have access to our website with a dashboard. In this dashboard each user have specific permission access of course

Each client is a company, and each company has site

We have three types of users that will use this dashboard:

1- a user who has access to a specific site in one company

2- a user who has access to all sites inside one company

3- a user who has access to everything (admin)

For the 1st type of user, it's easy to arrange RLS

For the 2nd and 3rd type it's not clear how to arrange it

in the DB, we have 3 tables:

1- dashboard_users_sites: it has all users with the 1st type and sites that are allowed. 2nd and 3rd types are not mentioned inside it

2- dashboard_users_companies: it has all users with 1st and 2nd types and companies that are allowed. 3rd type is not mentioned inside it

3- dashboard_users: it has all users from the 3 types 

 

Can you help me designing the table or set of tables that RLS should control it?
Thanks

3 REPLIES 3
Mumin192
Helper I
Helper I

Hello @collinq 

Unfortunately it didn't work. It's showing data only from the 1st type user

Any thoughts?

Thanks

Hey @Mumin192 ,

 

When you say it doesn't work, do you mean in Desktop when you test it or in the Service?  Is there a difference in the test results?




Did I answer your question? Mark my post as a solution!

Proud to be a Datanaut!
Private message me for consulting or training needs.




collinq
Super User
Super User

HI @Mumin192 ,

 

I think that RLS is the solution to all 3 scenarios.  I would set up the RLS for site AND company.  That way you have two criteria - which company and which site and you can mix and match as you see fit.  If you leave some names out (like the admin) then they wil lbe able to see everything.  

The site and the company do not have to come from the same table because you can select from multiple tables in the RLS setup.




Did I answer your question? Mark my post as a solution!

Proud to be a Datanaut!
Private message me for consulting or training needs.




Helpful resources

Announcements
Europe Fabric Conference

Europe’s largest Microsoft Fabric Community Conference

Join the community in Stockholm for expert Microsoft Fabric learning including a very exciting keynote from Arun Ulag, Corporate Vice President, Azure Data.

AugPowerBI_Carousel

Power BI Monthly Update - August 2024

Check out the August 2024 Power BI update to learn about new features.

August Carousel

Fabric Community Update - August 2024

Find out what's new and trending in the Fabric Community.

Top Solution Authors