This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Access Grants

Posted on 02-18-2022 09:16 AM
garima-16315814
New Member
Reply posted on --/--/---- --:-- AM

I have user attribute department defined in my looker instance.

I have added this code to a model:

access_grant: can_view_customersuccess_data {
  user_attribute: department
  allowed_values: ["CS"]
}

Then I have added this access_grant to required_access_grants in an explore of this model.

But it is not working.

Users are still able to see the explore even though their attribute is set to something else.

Pls help!!!!

0 2 194
Topic Labels
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
ramesh4028
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Few things to be considered while using access_grants with user_attributes.

  1. Make sure the allowed values are exactly matching with user_attribute assigned value. For Ex: If the assigned value is “CS,AB” it will not match with “CS”.
  2. Make sure all the users/groups are assigned with the right department. If user/groups are not assigned any value, and default value mentioned as “CS”, users will fall back to CS as their department.
0 Likes

Posted on --/--/---- --:-- AM
garima-16315814
New Member
Reply posted on --/--/---- --:-- AM

Hi,

Thanks for your inputs.

I was sudoing as another user and testing the changes without deploying the code.

Read the Looker doc on sudoing as another user and understood where the problem was.

Access grants working now. 🙂 

0 Likes
Top Labels in this Space
Top Solution Authors
View all