Hi All,
I am in the process of implementing a row-level security model within Dataverse to mirror our company's management hierarchy.

I need some guidance on setting this up correctly. Below are my requirements with examples for each:
- Direct Reports Editing Access: Managers should have the ability to read and edit rows related to their direct reports. For example, if Kate is a manager, she should be able to edit and view rows belonging to her direct reports, Ahmed and Samantha.
- Visibility Up the Hierarchy: Upper management should be able to view and edit all data entries pertaining to those under their purview. For instance, Brian, who is at the top of the hierarchy, should have edit and view access to all rows of David, Wendy, and all individuals reporting to them.
- Peer Access Restriction: Individuals on the same management level should not have access to each other's records. For example, while both Kate and Gonzales report to David, they should not be able to view or edit each other's rows.
- No Upward Visibility: Lower-level managers or staff should not have access to their superiors’ records. For example, Gonzales should not have the ability to view or edit the rows that pertain to David or Brian.
- Executive Exclusion: Certain high-level individuals, specifically Ian and Debra, should have no visibility or editing capabilities on this table, nor should their subordinates. They are part of the organizational structure but are not involved with this particular dataset.

At the moment I created 3 security roles:
Security role 1: For Brian
Security role 2: For Wendy and David
Security role 3: For Kate, Gonzales, Tom and John
Security 4: For all those under Kate, Gonzales, Tom and John
Would this be correct?
Thanks in advance.
@dpoggemann , @EricRegnier @ChrisPiasecki @parvezghumra
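
The five access rules listed in this post can be written as a small model and used to check any role configuration against them. This is an added example, not part of the original post and not Dataverse configuration. Assumptions: Tom and John report to Wendy, Ian and Debra sit outside Brian's reporting line, "Paul" is a hypothetical subordinate of Ian, and every non-excluded user can work with their own rows.

```python
# Constructed org chart (employee -> manager). From the post: Ahmed and
# Samantha report to Kate; Kate and Gonzales to David; David and Wendy to Brian.
# Assumed: Tom and John report to Wendy; Ian and Debra sit outside Brian's
# line; "Paul" is a hypothetical subordinate of Ian.
MANAGER = {
    "Brian": None, "David": "Brian", "Wendy": "Brian",
    "Kate": "David", "Gonzales": "David", "Tom": "Wendy", "John": "Wendy",
    "Ahmed": "Kate", "Samantha": "Kate",
    "Ian": None, "Debra": None, "Paul": "Ian",
}
EXCLUDED = {"Ian", "Debra"}  # these users and everyone below them get nothing


def chain(user):
    """Return the managers above `user`, nearest first."""
    seen, out = {user}, []
    while (user := MANAGER[user]) is not None:
        if user in seen:
            raise ValueError(f"cycle in hierarchy at {user}")
        seen.add(user)
        out.append(user)
    return out


def is_excluded(user):
    """True for an excluded executive or anyone reporting up to one."""
    return user in EXCLUDED or any(m in EXCLUDED for m in chain(user))


def can_access(viewer, owner):
    """True if `viewer` may read and edit rows owned by `owner`."""
    if is_excluded(viewer):
        return False
    # Assumption: every non-excluded user can work with their own rows.
    return viewer == owner or viewer in chain(owner)


def audit(observed):
    """Compare a set of observed (viewer, owner) grants with the rules.

    Returns (over, under): grants that should not exist, and missing ones.
    """
    expected = {(v, o) for v in MANAGER for o in MANAGER
                if not is_excluded(o) and can_access(v, o)}
    return sorted(observed - expected), sorted(expected - observed)
```

Feeding `audit` the effective (viewer, owner) pairs observed when testing a role design shows peer or upward access as over-grants and missing manager access as under-grants.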