Robert Duke on 01 Jul 2021 16:34:36
This role would be applied if none of the other roles were applied. This would have two advantages.
1. If an email address or security group was missing from a role, then the default (potentially more restrictive) role would be applied, rather than displaying all data. (Which strikes me as a big security flaw in the current implementation).
2. Would allow row level security to be applied using functions like UserPrincipalName() without having to name everyone with access to the report in a role.
Merged with
Add a default role for row level security