By:Rahul Mehta | | Related Tips: > Reporting Services Security
In general, reports provide singular and comparative analysis and can be formatted as statistical, tabular or graphical. At times, confidential data should only be available to certain users. With SQL Server Reporting Services , how can we implement column level security in order to restrict a user's to view certain data.
SQL Server Reporting Services includes a feature called Column Visibility which can be used to implement column level security. In this tip will we demonstrate column level security with the following steps:
First Step: Create a table to manage column level access to sensitive data on a per login basis.
Second Step: Create a stored procedure to return the login column security information.
Third Step: Build an SSRS report with a parameter in to read the login column security information from the stored procedure created in step 2.
Fourth Step: Implement the Column Visibility feature to use the SSRS parameter to show or hide columns.
NOTE - This tip assumes you are proficient at building SQL Server Reporting Services Reports. If you are new to the technology, check out this tutorial .
Step 0 - Setup a Sample Data Set
I have created a sample table called Employee with an identifier, name, age and salary.
I have also created a sample report of the Employee table to show all columns from the table:
Step 1 - Sensitive Data Management
Create a second table called "FieldRules" which has three fields: UserName(nvarchar), FieldName(nvarchar) and IsVisible(bit). Once created, add a sample record. In this case, I have added a sample user with field name (i.e. Salary) to show/hide the visibility (i.e. set to false) as shown below.