Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Earn a 50% discount on the DP-600 certification exam by completing the Fabric 30 Days to Learn It challenge.

Reply
Anonymous
Not applicable

Security Permission in Power BI report Dashboard when connected with SharePoint Online

‎11-11-2019 01:34 PM

Hello Experts,

Does Power BI report/Dashboard showing Data from SharePoint Online lists also takes care of the item level permission applied on SharePoint List items? For e.g If a PowerBI report is build using SharePoint Online List data with 100 items. Item Level permission is applied in the source list. User X has permission only to 50 items . Does Power BI report shows only those 50 items to which user X ( when he access the Dashboard/Report page in Sharepoint)has access OR it will show all 100 items?  If it shows all 100 items, is there a way ,this restricted permission can be applied ?

Labels:
Message 1 of 7
2,771 Views
0
1 ACCEPTED SOLUTION
GilbertQ
Super User
Super User
In response to Anonymous

‎11-12-2019 03:52 PM
Hi there

Yes you certainly can and this will solve your challenge.

When setting up RLS you can use the DAX function USERPRINCIPALNAME() which will return the logged in users details.

Here is more details on RLS:

https://docs.microsoft.com/en-us/power-bi/service-admin-rls

And here is a great cheat sheet you can try with first: https://www.kasperonbi.com/power-bi-desktop-dynamic-security-cheat-sheet/




Did I answer your question? Mark my post as a solution!

Proud to be a Super User!







Power BI Blog

View solution in original post

Message 7 of 7
2,686 Views
6 REPLIES 6
v-lid-msft
Community Support
Community Support

‎11-11-2019 11:41 PM

Hi @Anonymous ,

 

When import data from data source such as Share Point Onile, the data imported based on the permission of credential you used, if you use a admin account to refresh the dataset, it can access and import all the data you want. Users who access the report can see all the data if there is no RLS roles applied or they have edit permission of this report.

 

As a workaround, you can create a Template Apptemplate apps that allow your customers to connect and instantiate with their own accounts. 

 

Best regards,

Community Support Team _ Dong Li
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Community Support Team _ Dong Li
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
Message 5 of 7
2,723 Views
0
Anonymous
Not applicable
In response to v-lid-msft

‎11-12-2019 10:46 AM

I think this can be a workaround:

- SharePoint List ,by defaukt ,have column "Created By" which gets impported when Dataaset is created in PowerBi.

- Set up the RLS where Logged In user = Created By , to display corresponding records.

But question is , can we set up RLS based on USerLogged In ? If yes, any steps would be appreciated.

For admins, a seperate dashboard can be set up with all access.

 

Message 6 of 7
2,698 Views
0
GilbertQ
Super User
Super User
In response to Anonymous

‎11-12-2019 03:52 PM
Hi there

Yes you certainly can and this will solve your challenge.

When setting up RLS you can use the DAX function USERPRINCIPALNAME() which will return the logged in users details.

Here is more details on RLS:

https://docs.microsoft.com/en-us/power-bi/service-admin-rls

And here is a great cheat sheet you can try with first: https://www.kasperonbi.com/power-bi-desktop-dynamic-security-cheat-sheet/




Did I answer your question? Mark my post as a solution!

Proud to be a Super User!







Power BI Blog

Message 7 of 7
2,687 Views
GilbertQ
Super User
Super User

‎11-11-2019 02:28 PM
Hi there

Out of the box, the user will see all 100 items because the imported dataset will show all the data.

With that being said you can apply Row Level Security to only show the data for the specific users
Here are more details: https://docs.microsoft.com/en-us/power-bi/service-admin-rls




Did I answer your question? Mark my post as a solution!

Proud to be a Super User!







Power BI Blog

Message 2 of 7
2,746 Views
0
Anonymous
Not applicable
In response to GilbertQ

‎11-11-2019 02:36 PM

Thanks Gilbert. RLS actually doesn't solve my problem.

So, If a new record is added in SharePoint List with itemlevel permission to USer X only, the PowerBI dataset is refreshed to reflect new record . This record will be visible to all unless Admin/Owner ,gets into PowerBI and apply RLS to that record.

What I want is if a record is added and User X does not have permission to it in SHarePoint List, then it should also not be visible in PowerBI report dashboard? Is there a way we can avoid manual applying of RLS in PowerBI dataset ?

Message 3 of 7
2,741 Views
0
GilbertQ
Super User
Super User
In response to Anonymous

‎11-11-2019 02:44 PM
Hi there

Unfortunately as it stands today the only way I know how to achieve this is through RLS




Did I answer your question? Mark my post as a solution!

Proud to be a Super User!







Power BI Blog

Message 4 of 7
2,739 Views
0

Helpful resources

Announcements
Microsoft Fabric Learn Together

Microsoft Fabric Learn Together

Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City

PBI_APRIL_CAROUSEL1

Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

View All
Top Solution Authors
View All
Top Kudoed Authors
View All