If you found this exercise useful and you’d like to say thanks you can click here to make a contribution. Thanks for trying our exercises!

WISE OWL EXERCISES

SSAS EXERCISES

SSAS - TABULAR EXERCISES

SSAS - tabular | Security exercise | Apply security roles to restrict model access in various ways

This exercise is provided to allow potential course delegates to choose the correct Wise Owl Microsoft training course, and may not be reproduced in whole or in part in any format without the prior written consent of Wise Owl.

The answer to the exercise will be included and explained if you attend the course listed below!

Software ==>	SSAS - tabular (29 exercises)
Version ==>	SSAS 2012 and later
Topic ==>	Security (2 exercises)
Level ==>	Harder than average
Course ==>	SSAS - Tabular Model

Before you can do this exercise, you'll need to download and unzip this file (if you have any problems doing this, click here for help).

You need a minimum screen resolution of about 700 pixels width to see our exercises. This is because they contain diagrams and tables which would not be viewable easily on a mobile phone or small laptop. Please use a larger tablet, notebook or desktop computer, or change your screen resolution settings.

If you haven't already done so, run the SQL script referenced in other SSAS Tabular exercises to generate a database (not for commercial use or copying) called MAM.

Create a new project and model, and import the following tables: tblAnimal, tblProduct, tblSpecies, tblTransaction. Create a measure in the transactions table to show total quantity sold.

Create a role called Penguins only, with a row filter which says that you should only be able to see data from the Animal table when the following conditions hold:

Condition	Notes
Animal is a penguin	The AnimalName column for the query context is Penguin
CustomData is set	The CustomData information in the connection string passed in is set to Penguin lovers.

Analyse your model in Excel using the Penguins only role, to get the following pivot table:

This is showing quantity sold by product, but the role isn't allowing you to see any data.

Now amend the connection string in Excel to include the following phrase:

The text to add to your connection string (the rest of the string will be different, of course, on your machine).

Refresh your pivot table if necessary to get:

You should now be able to see your penguins!

Now go into Management Studio and run the script called Create table of authorities.sql from the folder at the top of this exercise. This should create the following table of authorities:

A table showing which roles have access to which data.

Import this table into your data model.

Create two roles with read access to data, and set row filters for the Animal table as follows:

Role	Access to animals table
BG	If you can find a row in the tblAuthority table where the Person is Bear Grylls and the Animal matches the AnimalName for the current query context, return TRUE(); otherwise, return FALSE().
Others	The same logic, but this time looking for Everyone else.

Analyse your model in Excel using the BG role - you should see only the following animals:

The animals made visible by the BG role.

Manually edit the connection string in Excel to use the Others role, not the BG one, to see:

The data for cute and cuddly (or at least, safe) animals.

Optionally, save this workbook as Most deadly, then close it and your model down.

This page has 0 threads Add post