I personally wasn’t aware of the ABAC term - so thanks for sharing. I think the concept maps to a solution currently being implemented where I work.
Part of what the Metabase core team use for prioritizing is votes on GitHub issues. Here’s issues tagged
Permissions and ordered by votes:
As you can see both row level and column level access control are being considered. The example you give sounds mostly like something that could be handled with row based access control.
Being new to ABAC I’m curious if it would “just” be a matter of mapping to e.g. group membership in LDAP - so effectively delegating the extra “magic sauce” to a solution external to Metabase that could maintain such group memberships based on attributes put on users or if you can share something more specific about what technical addition Metabase would need?
To me it sounds like a concept you want to externalise instead of implement handling of in each and every application like Metabase - so forgive my ingnorance