We use Metabase to build dashboards for our external partners to showcase payment trends via our services. The dashboards look sleek and professional, thanks for the great platform Generally we follow the idea of presenting the dash in a 'as is' status, meaning we don't want partners to tinker around and create their own dashboards. But recently we have been encountering issues with such approach, so I wanted to ask/check regarding the few points below:
Account credentials. Right now, if you know credentials of an account, you can change an email and password of the account without admins being notified. F.e. we can give access to partner contact or their team, and they can change it to any personal email or email, change password and no notifications will be shown to admins. I believe activity feed also doesn't show these kind of changes.
Is there a way to configure notifications to be sent to admins whenever a user changes their email/password?
Currently, if user has no data permission, drop-down field filters or auto-completing don't work. But, the issue with granting users access to data is that there is no way to stop users from a) creating their own questions; b) going to 'browse data' and attempting to download the entire table. Both can cause issues to server in case of big tables.
Are you looking into possibility to have a different set of permissions to allow reading from a table via questions/dashboards, but no ability to do anything else with data?
- Users can create their own dashboards from questions even if they have no data access. We've had 1 case of a person copying all of questions with different filters several times over from a collection they had read-only access to and creating a dash in their personal collection. A singular case ofc, but every time that personal dash was opened, the overall performance was slowed down for a bit as it was using quite a lot of data, so we had to investigate why.
Is there anything in plans to stop users from creating their own dashboards in personal space, especially when they have only read access to questions is a collection?
I saw somewhere that you mentioned that 0.40 will bring some changes to permissions logic, would love to know if any of the topics above are touched upon. Thank you