1 of 1 people found this helpful
Re: Data security in Tableau I have outline how to use inner join to do that. If you apply the filter to Database, as I showed, it does not matter if a users can downloads the workbook, they would not be able to see the data they are not allowed.
Thanks for the sharing a quite good insights...
Hope an user can edit the data source after downloading... So he can remove this joins and remove User filter applied over the Data source level.. so this is our concern.. and more over this is used to restrict data level it seems and not on column level.
Please advise on my questions and correct me if i am wrong,
I understand your concern. When you apply an inner join filter, the only data the user have is the one you have allowed them. So when they download the workbook and remove the filter, it does not matter because the only data they can download is filtered at the database level. Removing the filter won't give them access anywhere you don't want them to be.
Yes, this can be applied to a whole column too
Thanks for your quick response..
Nope Daniel, on removal of the User filter the user can see all the data without any restriction and am using tableau 10.0 ver.
And with the User filter i am unable to hide the table column name.. i can hide data only not column name as per user log in....
Another quick question is there any option to get the tableau server User's ID so that i can try a mapping in DB level and restrict from DB level...
Additionally on user accessing DB with Live or Extract by refreshing the data source and removing User filter at data source level.. They are able to view data.
Thanks for the tender response ..
I use data source filter to filter by name like User_name = Username() in Calc field and added to data source filter it works, but as u stated earlier when we remove the data source filter from data tab, i can see all the data......
Is there any option to filter by using custom SQL by using the same formula used in Calc field Like "User_name = Username()", if its there then i can restrict via DB.. Please advice....!!
But still i can't find a resolution to hide Table column based on User login name...
I don't think custom SQL is any better as users can edit it if they have access to the data source. I have tested and concluded that as long as a user can edit the workbook and have access to Database, they can bypass filters.
For now, the best way is to publish the work on Tableau Server and restrict permission to download the workbook.
BTW: I have added update notes on my previous comments on these methods.
Update: Note on Users with Access to Database Tables/Views
This method does not work with users that have both permission to download the workbook and has access to the database tables/views.
Users with permission to download workbook can remove all kinds of filters, thus if they also have access to the tables/view in the database, they
will be able to see all data.
What to do:
- Make sure that those who can download the workbook do not have access to the database tables/views
- If possible, revoke permission to download the workbook.
Thanks a lot for sharing valuable insights...
As u said we are good to go with tableau server and working on some other solution for tableau desktop..
Yes, But is it possible to get integrate our DB with Tableau metadata..?
may be yes (in future)
may be no (currently)