Tweak to All Users Rights

This is relevant to .33 beta version.

From perspective of developer to deploy copies to users, I believe these two changes would be for the better.

Standard users should be able to edit/change their name and email address. The screen for this in Admin does not allow for a save.

If standard user has SQL edit disabled, then should not be able to view the SQL as well. the SQL might be considered IP of the developer and should be suppressed from view.

Hi @crwheelr

Version 0.33.0 has been released, it’s not in beta/preview anymore.

The user can change their details via “Account settings” - /user/edit_current

If you want to completely hide the query, then you should create a view, since it’s possible to see a lot of query details in the browser requests, so hiding the query in the editor is not enough.

Hi @flamber,

yes it is specifically in the account settings edit_current form that as a standard user I could modify the data but could not save it. thus my original remark on this.

regaarding the create a View, are you referring to a dashboard or something different. don’t recall coming across Views specifically.
Chuck

I just confirmed with latest production download. the message " Sorry, you don’t have permission to see that." is presented when trying to save user info.

chuck

@crwheelr

If you cannot edit user settings, then that’s a high priority bug - not a feature request.
But I cannot reproduce your issue.
Can you provide steps-to-reproduce? Do you see errors in the log or browser console?

A view is a database feature, which is supported by most databases - nothing to do with Metabase. Many databases also has something called stored procedures/routines. This allows you to make all your queries on the database, so clients (Metabase, etc.) only calls that and never knows the real query.

@flamber,

under my admin account, i created a standard user POSPizza User as first name last name, and provided an email address i have access to… no restrictions on table access,. I revoked access to SQL queries in permissions and saved.

in the email inbox, clicked the link to join and successfully logged into to the new user account.

In account settings, changed the email address and its there that the “Sorry you don’t have permissions…” appeared.

Win64

Java/metabase run as a service with nssm (by the way, this is the way to go on windows boxes. it is very robust)

0.33 just uploaded yesterday.

hope this helps.

I am going to move the other topic to feature request.

I can reproduce in 0.33.1.
Non-admin user, go to account settings, change the email address, click save:

image

It’s on my demo server - H2 database. Linux Server on Azure.

@crwheelr @AndrewMBaines
Okay, so with a non-admin user, I can reproduce it. It still saves the changes, but just displays a bad message to the user.