Hi Metabase Team,
I would like to report a bug in Metabase 0.34.0 related to permission.
According to Metabase Documentation about Collections:
View access: the user can see all the questions, dashboards, and pulses in the collection. If the user does not have permission to view some or all of the questions included in a given dashboard or pulse then those questions will not be visible to them; but any questions that are saved in this collection will be visible to them, even if the user doesn’t have access to the underlying data used to in the question.
This works as expected for Simple/Custom questions, but does not work as expected for SQL questions. In other words, SQL questions cannot be viewed by a user even after that user is granted either View access
or Curate access
to the collection where the question is located, and the Data Permission is either No Access
or Data Access
.
It has two different outputs depending on the Data Permission:
- If Data Permission is
No Access
, then there is black pair of keys figure with black text saying "Sorry, you don’t have permission to see that." (Figure 1) - If Data Permission is
Data Access
, then there is red diagonal cross inside circle figure with red text saying "You do not have permissions to run this query." (Figure 2)
Figure 1 The output if Data Permission is
No Access
Figure 2 The output if Data Permission is
Data Access
Repeatable steps to reproduce the issue:
- Run metabase.jar for the first time
- Create admin account, e.g.
admin@example.com
- As Admin, in People menu, create member account, e.g.
member@example.com
- As Admin, in People menu, create group, e.g.
Playground
- As Admin, in People menu, add
member@example.com
toPlayground
- As Admin, in Permissions menu, adjust access for
All Users
forSample Dataset
to be eitherNo access
orData Access
, depending on the we want to reproduce result in Figure 1 or Figure 2 - As Admin, in Permissions menu, grant
Playground
forOur analytics
to be eitherView collection
orCurate collection
(does not matter) - As Admin, create a question using native query, e.g.
select * from ORDERS;
- As Admin, save the question in
Our analytics
, e.g. asSQL question
- As Member, try to view the question
- Member would not be able to view the question, and the output is either Figure 1 or Figure 2
Thank you for your help.
Edit: This bug has also been reported in Permission: SQL questions cannot be viewed after granted "View access" · Issue #11672 · metabase/metabase · GitHub.
Here’s the detail of Metabase in my system.
- Browser and its version: Chrome Version 79.0.3945.88 (Official Build) (64-bit)
- Operating system: macOS Mojave Version 10.14.6
- The type of database(s) connected to Metabase: BigQuery
- The version of Metabase run: 0.34.0
- Metabase hosting environment: Docker
- Metabase’s internal database type: PostgreSQL