Current code which checks current logged in user's name against Logon column. End goal being to find all rows of Customer_SK associated with that user. VALUESrow is a measure finding all those SK matches and removing duplicates.
RLSFilterCustomer =
VAR FindUser =
IF (
SUMX (
FILTER (
'User Security_RLS',
UPPER ( 'User Security_RLS'[User Logon] ) = UPPER ( USERNAME () )
|| UPPER ( 'User Security_RLS'[User Logon] ) = UPPER ( USERPRINCIPALNAME () )
),
// Check connection to customer
FIND (
UPPER ( 'User Security_RLS'[ShipToCustomer_SK] ),
[AllowedRow],
,
0
)
) > 0,
1,
0
)
RETURN
FindUser
Apologies if explanation was bad. Still pretty new to this.
Standard answer for simplifying RLS evaluation is to structure your model so that you filter the data entitlement table by the UPN and have that flow filters to whatever table you want to secure. So create a table in your model with two columns (Customer_SK, [User Logon]) enumerating every allowed Customer_SK for each [User Logon]. Configure this table with a bi-directional relationship to the main Customer table, and put a simple RLS filter on it like:
'User Security_RLS'[User Logon] = USERPRINCIPALNAME()