Row-level security

Managing row-level access

The data model serves as a facade of your data. With row-level security, you can define whether some data model facts are exposed to end users and can be queried via APIs & integrations. Row-level security in Cube is similar to row-level security in SQL databases. Defining whether users have access to specific facts from cubes and views is similar to defining access to rows in database tables. By default, all rows are public, meaning that no filtering is applied to data model facts when they are accessed by any users.

Managing row-level access

You can use access policies to manage both member-level and row-level security based on groups and user attributes. Here’s an example of how to filter rows by a user attribute using access policies:

cubes:
  - name: orders
    # ...

    access_policy:
      - group: manager
        row_level:
          filters:
            - member: country
              operator: equals
              values: [ "{ userAttributes.country }" ]

Access policies Member-level security

⌘I

Getting Started

Explore & Analyze

Present & Share

Organize content

Data Modeling

Pre-aggregations

Integrations

Managing row-level access

Getting Started

Explore & Analyze

Present & Share

Organize content

Data Modeling

Pre-aggregations

Integrations

Documentation Index

​Managing row-level access

Managing row-level access