Managing access at the data row level (RLS)
Using RLS (row-level security), you can restrict data access for users within a single dataset.
For example, you can restrict access for different customers.
In a dataset, you can restrict data access at the row level.
You can restrict access to any dataset dimension.
Each user can be granted rights to an unlimited number of measure values.
Restrictions are set in the access configuration and look like this:
'[value 1]': [user 1], [user 2] '[value 2]': [user 3] '[value 3]': [user 1], [user 2], [user 3]
Values and users can be defined using wildcard characters:
user 2can access any values of the field
*: [user 1], [user 2]
value 1value is available to all users
'[value 1]': *
Quotes in values are set using double quotes:
'value in ''quotes''': [user 1], [user 2]
With RLS, a query to a dataset passes through the following filter:
where [dimension] in ([value 1], [value 2]... [value N])
If you have set permissions at the row level, make sure to apply the
Execute permission for the dataset. In this case, nobody can edit row permissions or open the data preview window.
How to change permissions to a row in a dataset
To configure permissions for a data row value:
Open the dataset.
On the right of the row, click and select Permissions.
Enter the value of the field and users in the specified format and click Save.
'[value 1]': [user 1], [user 2] '[value 2]': [user 3]
For example, to configure access to the
first-companyvalue for the
Save the dataset.