Row-level security

The data model serves as a facade of your data. With row-level security, you can define whether some data model facts are exposed to end users and can be queried via APIs & integrations. Row-level security in Cube is similar to row-level security in SQL databases. Defining whether users have access to specific facts from cubes and views is similar to defining access to rows in database tables. By default, all rows are public, meaning that no filtering is applied to data model facts when they are accessed by any users.

Managing row-level access

You can use access policies to manage both member-level and row-level security based on groups and user attributes. Here’s an example of how to filter rows by a user attribute using access policies:

cubes:
  - name: orders
    # ...

    access_policy:
      - group: manager
        row_level:
          filters:
            - member: country
              operator: equals
              values: [ "{ userAttributes.country }" ]

Access policies Member-level security

⌘I

Authentication

Access Control

Authentication

SSO & Identity Providers

Users & Permissions

Row-level security

Row-level security

Managing row-level access

Authentication

Access Control

Authentication

SSO & Identity Providers

Users & Permissions

​Row-level security

​Managing row-level access

Row-level security

Managing row-level access