From 452b1a5b721568da7044f3e3586bed478f235a9b Mon Sep 17 00:00:00 2001
From: "metabase-bot[bot]"
 <109303359+metabase-bot[bot]@users.noreply.github.com>
Date: Thu, 6 Apr 2023 16:17:33 +0000
Subject: [PATCH] docs - update notification permissions (#29845) (#29865)

Co-authored-by: Natalie <nat@metabase.com>
---
 docs/configuring-metabase/settings.md     |  4 +-
 docs/dashboards/subscriptions.md          |  1 -
 docs/permissions/notifications.md         | 48 ++++++++++++++++++-----
 docs/questions/sharing/alerts.md          |  1 -
 docs/usage-and-performance-tools/audit.md |  2 +-
 5 files changed, 43 insertions(+), 13 deletions(-)

diff --git a/docs/configuring-metabase/settings.md b/docs/configuring-metabase/settings.md
index 52bc06105e1..b4ee162155c 100644
--- a/docs/configuring-metabase/settings.md
+++ b/docs/configuring-metabase/settings.md
@@ -44,7 +44,9 @@ To allow all domains, leave the field empty (allowing all domains is the default
 
 To specify multiple domains, separate each domain with a comma, with no space in between (e.g., "domain1,domain2"). 
 
-This setting doesn't affect existing subscriptions.
+You can also set this property using the environment variable [`MB_SUBSCRIPTION_ALLOWED_DOMAINS`](../configuring-metabase/environment-variables.md#mb_subscription_allowed_domains).
+
+> This setting doesn't affect existing subscriptions and alerts.
 
 ## Anonymous tracking
 
diff --git a/docs/dashboards/subscriptions.md b/docs/dashboards/subscriptions.md
index 7feb6d2ad19..fb44ea82147 100644
--- a/docs/dashboards/subscriptions.md
+++ b/docs/dashboards/subscriptions.md
@@ -86,7 +86,6 @@ See [Notification permissions](../permissions/notifications.md).
 ## Further reading
 
 - [Alerts](../questions/sharing/alerts.md)
-- [Notification permissions](../permissions/notifications.md)
 - [Setting up email](../configuring-metabase/email.md)
 - [Setting up Slack](../configuring-metabase/slack.md)
 - [Auditing Metabase](../usage-and-performance-tools/audit.md)
diff --git a/docs/permissions/notifications.md b/docs/permissions/notifications.md
index 8ab00eb46b6..9a118ed9210 100644
--- a/docs/permissions/notifications.md
+++ b/docs/permissions/notifications.md
@@ -4,15 +4,45 @@ title: Notification permissions
 
 # Notification permissions
 
-Some notes on how permissions work with dashboard subscriptions and alerts:
-
-- **Recipients of notifications can see whatever the creator of the notification can see.** That is, people will get to see charts in their email or Slack _as if_ they had the alert or subscription creator's permissions to view those charts, _regardless of whether their groups have permission to view those charts_.
-- **Anyone can create and manage their own notifications**. In addition to the alert and subscription menus on questions and dashboards, people can click on the **gear** icon and go to **Account settings** > **Notifications** to view and unsubscribe from any or all of their dashboard subscriptions and alerts.
-- **Anyone can add people via email or Slack to a subscription or alert that they created**. Again, the data Metabase sends to the added recipients depends on the person who created the notification, not the recipient.
-- **Some paid plans can restrict which domains Metabase can email.** See [approved domains](../configuring-metabase/settings.md#approved-domains-for-notifications). 
-- **Admins can see and edit all notifications.** Admins can modify recipients, filters, or delete the subscription without affecting the subscription's permissions; the subscription will continue to send data based on whoever originally created the subscription. Admins can edit alerts and subscriptions on the items themselves, or, if they have a paid plan, in the Admin panel under **Audit** > **Subscriptions and alerts**. See [Auditing Metabase](../usage-and-performance-tools/audit.md). 
-- **Non-admins can only view and edit notifications they created, not notifications created by others.**
-- **Provided the non-admin account isn't sandboxed, non-admins can add anyone in their Metabase to their subscriptions using the dropdown menu.** People who are sandboxed will only see themselves in the list of recipients for dashboard subscriptions and alerts that they create; they won't be able to see other Metabase accounts.
+Notifications in Metabase include [alerts](../questions/sharing/alerts.md) and [dashboard subscriptions](../dashboards/subscriptions.md#setting-up-a-dashboard-subscription).
+
+Notification **recipients** can see whatever the notification **creator** can see. For example, if:
+
+- Beau creates a subscription to a dashboard saved in their [personal collection](../exploration-and-organization/collections.md#your-personal-collection).
+- Beau adds Anya to the dashboard subscription.
+- Anya will see the dashboard in her email, even though she doesn't have permissions to view that dashboard in Beau's personal collection.
+
+## All accounts
+
+From [Account settings](../people-and-groups/account-settings.md), all accounts can:
+
+- Create [alerts](../questions/sharing/alerts.md) and [dashboard subscriptions](../dashboards/subscriptions.md#setting-up-a-dashboard-subscription).
+- Add new recipients to alerts and subscriptions that they own.
+- Unsubscribe from any alert or subscription.
+
+When a notification creator adds new recipients to an alert or subscription, Metabase will display data to the recipients using the **creator's** [data permissions](../permissions/data.md) and [collection permissions](../permissions/collections.md).
+
+## Sandboxed accounts
+
+Same as [all accounts](#all-accounts), but **people using sandboxed accounts will only see themselves in the list of recipients** when creating an alert or subscription.
+
+## Admins
+
+{% include plans-blockquote.html feature="Auditing tools" %}
+
+From Metabase's [auditing tools](../usage-and-performance-tools/audit.md#subscriptions-and-alerts), admins can:
+
+- View all subscriptions and alerts
+- Add or remove recipients from an existing subscription or alert
+- Delete subscriptions or alerts
+
+Admins can add recipients without changing the permissions of the alert or subscription. For example, if an admin adds Anya to a subscription created by Beau, Anya will receive emails with the same data that the Beau can see.
+
+## Restricting email domains
+
+{% include plans-blockquote.html feature="Approved domains for notifications" %}
+
+Admins can limit email recipients to people within an org by going to **Admin setting** > **General settings** > [Approved domains for notifications](../configuring-metabase/settings.md#approved-domains-for-notifications). 
 
 ## Further reading
 
diff --git a/docs/questions/sharing/alerts.md b/docs/questions/sharing/alerts.md
index 464b5f1abd0..996e1c6546f 100644
--- a/docs/questions/sharing/alerts.md
+++ b/docs/questions/sharing/alerts.md
@@ -100,7 +100,6 @@ See [Notification permissions](../../permissions/notifications.md).
 ## Further reading
 
 - [Dashboard subscriptions](../../dashboards/subscriptions.md)
-- [Notification permissions](../../permissions/notifications.md)
 - [Setting up email](../../configuring-metabase/email.md)
 - [Setting up Slack](../../configuring-metabase/slack.md)
 - [Auditing Metabase](../../usage-and-performance-tools/audit.md)
diff --git a/docs/usage-and-performance-tools/audit.md b/docs/usage-and-performance-tools/audit.md
index 168046979d3..bdb477ec2a1 100644
--- a/docs/usage-and-performance-tools/audit.md
+++ b/docs/usage-and-performance-tools/audit.md
@@ -106,7 +106,7 @@ Admins can add and remove people from a subscription or alert by clicking on the
 
 Everyone can view all of their subscriptions and alerts by clicking on the **gear** icon in the upper right and navigating to **Account settings** > **Notifications**.
 
-For more, see [how permissions work with dashboard subscriptions and alerts](../dashboards/subscriptions.md#how-permissions-work-with-dashboard-subscriptions).
+For more, see [how permissions work with alerts and subscriptions](../permissions/notifications.md).
 
 [alerts]: ../questions/sharing/alerts.md
 [dashboard-subscriptions]: ../dashboards/subscriptions.md
-- 
GitLab