Sami Yabroudi
Feb 20, 2019 · 1 min read

At Ro we have a significant number of data access permutations (the usual financial + operations + pci levels plus a variety of HIPAA buckets). We also want to minimize the amount of time it takes any Looker user/analyst at Ro to disseminate useful information to the entirety of the company.

Rather than maintain a large number of parallel models, dashboards, and look spaces we’ve opted for column-by-column permissions.

This means that all of our Looker users can see all explores and the names of all possible dimensions and measures. However, if they try to access a dimension or measure in an explore for which they do not have access they will simply get no data. If they are trying to view a visualization/look that someone else created that has information that they are not authorized to access, they will see that the visualization exists but they will not be able to see any data.

For full functionality and implementation details please see this Looker Discourse article

Ro Data Team Blog

Ro Data Team Blog: data analytics, data engineering, data science

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade