We are using Power BI as our reporting and dashboard tool for our Snowflake data warehouse. WE have a need for a published report to use the credentials of the person calling the report rather than the person who created and published the report, and have been unable to determine a way of doing this.
We have two data visibility restrictions that need to be enforced. First, based on the user's role, they are limited as to what columns of data they can see; we're enforcing this with a data masking policy in Snowflake. Second, we have a need to restrict which rows are visible to certain individuals based on their role; we have a row access policy in Snowflake which determines through a user-defined function call what customers' data are visible to a user.
Both of these work in perfectly well in Snowflake, but when called from Power BI, the data returned is based on the user who published and shared the report rather than the one executing it.
Is there a way to pass through the calling user's ID instead of the publisher's?