Having a bit of difficulty figuring this one out...
I have the need to implement row level user security based upon a table in my database. I'm not able to use a standard User Filter because I literally have thousands of users and setting them all by hand would be impractical. I have usernames in my data source that match Tableau server usernames. Each of those users should only have access to a specific "category" in the data source depending who they are. I've used the following code to grab the category of the current user.
If CurrentUser() = [Username] then [Category] END
This works. Then I use the following to flag that category only in the filter:
[Current User Category] = [Category]
The intent being that if my Category is "Red" then I should see all data in the dataset with the Category of "Red". The problem is, this data set goes down to user level detail below Category. Even though I filtered for a Category and not a User, Tableau is filtering both the Category AND the username. Meaning Number of Records = 1. However, there are 63k other records in the same Category with various usernames.
First - I'm wondering why Tableau is filtering at a lower level than asked. Secondly, how can I force it to stop? I can create a LOD expression and fix the counts at a higher level, but doing so creates all sorts of problems. I have a ton of filters based on various levels and I don't necessarily want to fix or exclude anything. Shouldn't Tableau only be filtering for the Category anyway, and not the Category + Current User? Plus I have underlying data that you can no longer see if I attempt to make a LOD.
I am wondering if you could utilize a join of a copy of your user table such that username and category are in one table and left joined to the data on [Category].
The if CurrentUser()=Username will limit rows just for the username() as it stands.