Skip to main content

PrivaceraCloud Documentation

Table of Contents

Access use-case - How do I disallow a user from seeing certain rows of a table?


Often you want to restrict users from seeing all rows of a table. You may want a user who is based in a country to see the data pertaining to only that country by applying a row filter. To demonstrate this row level filter use-case, click the Row Level Filter tab and open the Sales by Country policy. Confirm that you see the catalog, schema, table set to your catalog, sales_schema and sales_data table. Scroll down to the Row Level Conditions and confirm that your email address is in the Select User and the Row Level Filter is set to country = 'US'. Scroll up and enable the policy by clicking on the Disabled toggle besides the name of the policy. Scroll down and save the policy.

The Row Level Filter policy works in addition to the access policy. So you will need either the Sales Data All Access policy or Sales Data Specific Column policy to be enabled to see the effect of the Sales by Country policy.

Switch to your Databricks Workspace's SQL Editor and re-run the select query on the secure schema:

select * from <catalog>.sales_schema_secure.sales_table

In the results, you will see only the rows that have country values set to 'US'.