# Row Level Security

When setting up a schema in the management console, you can set row level security on groups and/or users. Set groups or users with row level security so they only see the data that’s relevant to them within WriteBackExtreme. Overall, row level security provides a powerful mechanism for controlling access to sensitive data in a database. By restricting access to specific rows based on the identity of the user, you can ensure that your data remains secure and confidential, while still allowing authorized users to access the information they need to do their jobs.

An example is that users in a particular department will only see their departments data. Multiple rules can be set up so groups/users can see their departments information in a particular region for example.

* The rules within a policy will be stacked. This means that data is only shown when all conditions are met (AND)
* Defining multiple policies for a schema will result into a union (OR)
* Multiple entitlements within a user or group will create a union (OR)

<figure><img src="https://appsfortableau.infotopics.com/wp-content/uploads/2023/02/Screenshot-at-1-1.png" alt=""><figcaption></figcaption></figure>

### How it works

Choose the entitlements of your user or group and set the value that applies to your schema. The user or group will only see the data within these fields.

<figure><img src="https://appsfortableau.infotopics.com/wp-content/uploads/2022/11/Vince-Order-Number.png" alt=""><figcaption></figcaption></figure>

When connected to the schema only the rows will be present in your data set

<figure><img src="https://appsfortableau.infotopics.com/wp-content/uploads/2022/11/Vince-WriteBackExtreme.png" alt=""><figcaption></figcaption></figure>

### RLS Entitlement import

For customers that have an existing set of entitlements for their RLS policies we have the following solution to easily import this into WriteBackExtreme. Any ETL tool can be used to populate our internal WriteBackExtreme RLS entitlements table. Since you are already use Tableau we recommend to achieve this with Tableau Prep. In Tableau prep you can transform your entitlement dataset to our data structure for the RLS Entitlements. After setting up this prep, you can easily add it as a scheduled task in your tableau server instance. As an example we have created a sample file that can be used as an inspiration.

The most important of the prep is that you need to populate the `_rls_entitlements` table. The following columns need to be populated:

* assignable\_type (this needs to be `user` or `group` since we can set entitlements for groups or for users.
* assignable\_id (the id of the user or the group) (note that this should be our internal id in the `_users` or `_groups` table)
* property (the name of the entitlement)
* value (the value of the entitlement)

<figure><img src="https://appsfortableau.infotopics.com/wp-content/uploads/2023/02/sync.png" alt=""><figcaption></figcaption></figure>

Want to try it yourself? Use our example files as inspiration!

[DOWNLOAD EXAMPLE FILES](https://appsfortableau.infotopics.com/wp-content/uploads/2023/02/Example-files-2.zip)<br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.infotopics.com/writebackextreme/features/management-console/schemas/row-level-security.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.