As an admin, you can set up a sandbox powered by a SQL question which selects a subset of columns from a table, in order to restrict the columns which a user should have access to.
However, the user still is able to see the full list of columns in the query builder, and thus might try to create a query which will subsequently error due to the sandbox.
To Reproduce
As an admin, create a SQL question as a base for sandboxing like:
select ID, USER_ID, TAX, TOTAL from ORDERS where USER_ID = 1;
Sandbox Orders table for "All users" using this SQL question
Log in as a non-admin, and start a new question using the query builder
You'll be able to see the full list of fields in the table in the query builder, and if you try to create a question that includes all fields, you will get an error
noahmoss
commented
2 hours ago
Describe the bug
As an admin, you can set up a sandbox powered by a SQL question which selects a subset of columns from a table, in order to restrict the columns which a user should have access to.
However, the user still is able to see the full list of columns in the query builder, and thus might try to create a query which will subsequently error due to the sandbox.
To Reproduce
Expected behavior
No response
Logs
No response
Information about your Metabase installation
n/a (already fixed)
Severity
P1
Additional context
No response