Using Row Level Security for PowerBI reports

0

Hi Klaus,
if it should mimic 'current' access to document as is in Webcon, then it's as "simple" as joining with WFSecurities, CacheOrganizationStructureGroupRelations, and CacheOrganizationStructure, then just filter by current user using USERPRINCIPALNAME() or USERNAME() DAX functions.

An example query how to join with WFSecurities can be found here: https://github.com/lumenn/webcon-privileges-lookup/blob/main/PrivilegesLookupQuery.sql

It might be on the heavy side of queries, especially if there are some aggregates, but that's how you could technically achieve it.

It's not a db level row security though, and if user would connect to the db directly, then nothing stops them from querying anything else (but this goes for whole platform).

Hi Maksymilian,

thank you very much for the reply.
That looks very promising!

The only thing I'm still struggling a bit is how to extract the members of security groups. I.e. The read permissions are given to group "Departement A", how do I find out if the current user is part of it.
I have a few ideas, but couldn't validate them yet.

Kind regards
Klaus

Take a look at selected lines: https://github.com/lumenn/webcon-privileges-lookup/blob/main/PrivilegesLookupQuery.sql#L4-#L50, that's how i handled it :)

Excellent!

Thank you very much!