User Management
      Back to home
      1. Datagration Knowledge Base
      2. Admin
      3. User Management

      Power BI Row Level Security

      Apply Power BI Permission to restrict data access at a user level.

      Row level Security is used to restrict data access for given users within a company.  It uses a filter applied at the static table or the Dim entity Table. 

      Microsoft Support for Row Level Security

      How to Apply Power BI Permissions

      The Data Model needs to be set up correctly in order to assign roles and manage them properly. If the Data Model is not set up correctly, it will be more difficult to select a role and ensure they are only seeing what they have permission for. Please review the Data Model and ensure all the necessary connections have been created before proceeding.

      Data Model Example
      One (1) main table connected sub tables by a unique identifier:

      Guide to set up permissions.

      • On the “HOME” tab, select Modeling

      • On the Modeling Tab select “MANAGE ROLES”



      If filtering for a specific signal, use the

      "Signal Name" IN VALUES ( Roles[Role] )

      to have the Power BI Row Level Security match the Cloud Admin User Group.

      Do not select “CREATE” on the Manage roles prompt.

      • Create a new name for the role.  The example uses “CARDINAL.”

      • Apply a filter to the main table.  In the example, the table is  “Production Operator Static Data” table. It is a good filter because it is connected to all the data tables in the Data Model. (Please review Data Model above*)

      A filter can be applied to almost any column from this table based on the specific role of the use. 

      • Select column “[FilterLevel1( )]” which stands for ‘Gathering systems.'




      In the example, Filter Level 1 has the following values:

      • Select All
      • CARDINAL
      • EOG
      • NON-OP
      • NON_DEDICAT
      • SALEM
      • Unassigned





      Not required, but the ability to create a role for each value exists.  The example continues using “CARDINAL."

      • After selecting “Filter Level 1”, the word “Value” will needs to be replaced with the value for the dashboard filter.
      • Click “SAVE.”  A new user role is created.


      Example

      Role Type Permian has been created by filtering the division column to “Permian” from the static table.

      When the dashboard is published, and a user is from the “Permian” group their view of the report will be limited to what is relevant to their group.


      All Access is 1=1
      default access is 1=0