Solved: Re: Do I need to security filter the USERS table I...

michael12 · 03-16-2023 11:50 PM

Hi everyone,

I have a USER table and an SUPERUSER table that I am using with USEREMAIL() to create security filters for my tables so users can only see their own data, but superusers can see everyone's data. The expression I'm using looks like: OR(IN(USEREMAIL(), Superuser[Email]), USEREMAIL() = [Email Column])

1) I don't want users to have access to the USER table because I don't want them to see any username/email address other than their own. Do I need to add a security filter to the USER table? How would I do that?

2) If a parent table is security filtered, do I also need to add security filters to its child tables? My use case is a trip report app where users can add expenses in a child table. If the parent table (trip report) has security filters, do the expenses table also need them? There is no view in my app to see general expenses, only those attached to a specific trip report the user has made.

Thanks!

Marc_Dillon

1. Sounds like you do. [Email]=USEREMAIL() should be sufficient there.

2. Yes, child table needs security filter too, it won't automatically cascade down. They can be simple, pointing just to the parent table, like IN( [parent-ref] , parent[key] )

View solution in original post

Marc_Dillon

1. Sounds like you do. [Email]=USEREMAIL() should be sufficient there.

2. Yes, child table needs security filter too, it won't automatically cascade down. They can be simple, pointing just to the parent table, like IN( [parent-ref] , parent[key] )

michael12

Great, thanks!

Do I need to security filter the USERS table I made for security filters?