1 Reply Latest reply on Mar 21, 2016 2:33 PM by Fernando Luna

    Tableau and Postgres - Have Tableau not show tables/views to which the user has no privileges

    Fernando Luna

      I'm fairly new to both Tableau and Postgres in general. I have created separate schemas for tables and views. I'd like to have Tableau users that connect using a specific user to only view those objects to which they have access (ie: in the case of the user logging onto Tableau for our organization, they should only be able to access the semantic layer we've designed, which consists exclusively of views).

       

      To my dismay I notice that Tableau seems to show the user both tables and views. It makes for an awkward user experience for the user to be able to see tables that they have no privileges on. I'd prefer for the user to only be able to see what I intend for them to see.

       

      What's the best way to accomplish this?

       

      Have Tableau only display objects that the user has privileges to select data from. Currently everything is displayed. I'm not certain why this is possible. Isn't it counter-productive for the user to see tables to which they have no access?

        • 1. Re: Tableau and Postgres - Have Tableau not show tables/views to which the user has no privileges
          Fernando Luna

          Upon further reflection, I found the following (after turning on logging info in Postgres):

           

          When Tableau connects this is the SQL executed:

          select relname, nspname, relkind

             from pg_catalog.pg_class c, pg_catalog.pg_namespace n

            where relkind in ('r', 'v')

              and nspname not in ('pg_catalog', 'information_schema', 'pg_toast', 'pg_temp_1')

              and n.oid = relnamespace

            order by nspname, relname

           

          A small edit to this query:

           

          select relname, nspname, relkind

             from pg_catalog.pg_class c, pg_catalog.pg_namespace n

            where relkind in ('r', 'v')

              and nspname not in ('pg_catalog', 'information_schema', 'pg_toast', 'pg_temp_1')

              and nspname in (select schema_name from information_schema.schemata)

              and n.oid = relnamespace

            order by nspname, relname

           

          ..would solve my problems - it shows only the tables/views the user is supposed to be able to access and use within Tableau. It seems rather useless to display tables that the connected user is not allowed to query or access in any other way and I can't understand the notion that displaying non-accessible objects isn't a security risk.

           

          Is there a way to modify what Tableau queries when it connects to Postgres?