I'm playing with Snowflake and Metabase, trying to set up connections that change the Snowflake Role used in the session based on user or group attributes. I noticed in the Roadmap that they're working on a feature with this idea:
Warehouse-side row-level permissions - Move permission management to your DW by letting Metabase pass user information (PAID FEATURE). Source
Before this gets released, I'm curious if anyone's found a workaround? Any tips or guidance would be super helpful.
I recently came across the new Impersonation Access feature in Metabase and I have a question about how caching behaves with this feature.
Let's consider a scenario where we have two users—User 1 and User 2. Both users connect to the same database but have different user attributes and roles.
Specifically, User 1 has access to Column A, while User 2 has a Snowflake Masking Policy applied to the same Column A.
Now, if User 1 runs the query SELECT A FROM USERS;, and then a few seconds later, User 2 runs the same query, what happens with Metabase's caching mechanism?
Will Metabase reuse the cached result from User 1's query for User 2, or will it recognize that the connection parameters are different between the two users and execute a new query?
