Problem Statement
Currently, there is limited control over which queries can be added to panels or dashboards. In multi-user environments with varying permission levels, administrators and dashboard owners need better governance to ensure:
- Data Governance & Compliance: Prevent unauthorized or inappropriate queries from being added to shared dashboards
- Security: Prevent accidental or malicious addition of sensitive queries to dashboards
- Standards Enforcement: Enforce organization-specific standards for what data can be displayed together
- Audit Trails: Better visibility showing who added what queries to shared dashboards
Proposed Solution
Implement a permission and control system that allows:
-
Dashboard Owner Controls: Dashboard owners/admins to restrict which queries/questions can be added to specific dashboards or panels
-
Granular Permissions: Control whether users can:
- Add new queries
- Edit existing queries
- Only view queries
-
Approval Workflows: Optional approval workflows for query additions to dashboards (especially sensitive or compliance-related dashboards)
-
Role-Based Restrictions: Certain query types restricted from specific panels based on user roles
-
Audit Logging: Track which queries were added by whom and when
Why This Matters
This feature is critical for enterprise governance. Organizations operating in regulated industries need to ensure that only appropriate queries can be added to shared dashboards used by multiple departments. This would significantly improve Metabase's enterprise usability.
Use Cases
- Finance teams maintaining strict controls on dashboard queries
- Compliance-focused organizations requiring approval workflows
- Multi-department environments needing standardized dashboard content
- Large organizations with delegated dashboard management
Thank you for considering this feature request!