Access grant - bug?

(Dawid) #1


We have 5 models defined in our LookML. I wanted to experiment with access grants to be able to deploy code that is useful to advanced users of Looker without bothering the basic users with new features.

I defined access grant <name>_team_only based on user attribute team = <name>

So far so good. Not sure why but I had to define it in each model, correct?

Next I go to one of the views and insert required_access_grants to one of the dimensions. Unfortunately upon validation I get errors that this access grant doesn’t exist in one model.

Oops, I forgot about one, so I added it and revalidated it. The error still persisted.

I had to remove required_access_grants from the dimension, save id, validate it, then go back, add it again, save it, and validate again. Only then the validation passed.

Another question I have is around access in general:

What feature should I use if I want the following scenario:

Specific group of people (based on either user attribute or preferably access grant) can see dimension but everybody can view looks and dashboards containing it?


(Izzy) split this topic #2

2 posts were merged into an existing topic: Conditional hiding of groups, dimensions, measures


(Izzy) #3

I think it’s possible that this is not a bug specific to access_grant, but rather a general feud that we see sometimes between the LookML validator and the cache. Sometimes, validation errors persist through validations even when they really shouldn’t, and changing something, saving, re-validating, etc. can jump it back to the correct state.

It doesn’t happen very often, but it does happen. I wouldn’t think too much of it— It’s something that we’re working on pinning down the exact cause of, but in the interim, I’d try refreshing the page and revalidating if it ever happens again, instead of first changing things.

(also, I split out the other comments re: your last question to the new topic)