We are using Matomo for analytics. This data ends up in MySQL organized by a siteId, which identifies our customer. E.g. each hit, visit, action etc is stored in one massive table with a siteId column.
We are considering a move to Metabase for our reporting platform since Matomo has pretty limited reporting capabilities.
One requirement is to create a dashboard for each customer that we can embed in our application.
In order to filter the data by customer, should this be a parameter passed by our software to the embedded dashboard? Are there any risks that the end user could modify this parameter?
If we allow users to design their own Questions, is there a way we can prevent them from looking at any data other that where that siteId = their siteId ?