This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Security Filter based on admin and user

Posted on 12-04-2023 08:49 AM
G_S
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

I am having a table called Employee

I have key value as [Email]

[Role] column 

I want to set a security filter that Admin role people can see all records and user can see only their records 

I used below expression but it throws error 

G_S_0-1701708496142.png

Expression which is used :

IF(IN(USEREMAIL(),SELECT(Employee[Email ID],[Role]=Admin)),TRUE, [Email ID] = USEREMAIL())

Please suggest correct expression !

0 8 199
Topic Labels
0 Likes
8 REPLIES 8

Posted on --/--/---- --:-- AM
G_S
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Any Suggestion on the above expression?

0 Likes

Posted on --/--/---- --:-- AM
G_S
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Please suggest Expression if anyone find the solution

 

0 Likes

Posted on --/--/---- --:-- AM
baba_sawane
Silver 5
Silver 5
Reply posted on --/--/---- --:-- AM

Hi G_S,

Try :

  • any(select(Employee[Role], [Email ID] = useremail())) = "Admin"

or

  • INDEX(Employee[Role], 1) = "Admin"
0 Likes

Posted on --/--/---- --:-- AM
G_S
Bronze 3
Bronze 3
In response to baba_sawane
Reply posted on --/--/---- --:-- AM

Getting Same Errror @baba_sawane 

Table 'Employee' has an invalid security filter '=IF(any(select(Employee[Role], [Email ID] = useremail())) = "Admin",true,[Email ID]=USEREMAIL())'. The filter expression cannot reference the table being filtered.

0 Likes

Posted on --/--/---- --:-- AM
baba_sawane
Silver 5
Silver 5
In response to G_S
Reply posted on --/--/---- --:-- AM

I suggest you either create a 2nd table for Admin, or use a slice and then filter rows with the above formula.

If you only have 2 roles you can also use userrole() instead of a role column.

0 Likes

Posted on --/--/---- --:-- AM
G_S
Bronze 3
Bronze 3
In response to baba_sawane
Reply posted on --/--/---- --:-- AM

No change , I am getting same error , I can't create separate table ,any suggestion to get with existing table @baba_sawane 

0 Likes

Posted on --/--/---- --:-- AM
baba_sawane
Silver 5
Silver 5
In response to G_S
Reply posted on --/--/---- --:-- AM

Using slices :

user slice : " [Email ID]=useremail() "

admin slice : no filter

Then create a view for both slice with display condition : 

user view : any(select(Employee[Role], [Email ID] = useremail() )) = "User"

admin view : user view : any(select(Employee[Role], [Email ID] = useremail() )) = "Admin" 

I don't know if it will be convenient for you tough

0 Likes

Posted on --/--/---- --:-- AM
Aurelien
Google Developer Expert
Google Developer Expert
Reply posted on --/--/---- --:-- AM

Hi @G_S 

You can't use a security filter that is running against the same table.

I would suggest:

- create a mirror table "Employee_Mirror", which content will have the email and any relevant column and will be updated by a bot at any change on your Employee table

For example, Employee_Mirror would have two columns: [Email ID] and [Role]

- use this one to filter your "Employee" table with the security filter

Such expression would be:

 

OR(
  [Email ID] = USEREMAIL(),
  IN(USEREMAIL(),FILTER("Employee_Mirror",[Role]="Admin")
)

 

- make sure there is no Ref type column in the mirror table, so that there is no breadcrumb trail that will lead to it

- don't create any view on this mirror table

 

0 Likes
Top Labels in this Space