* Support skipToken in useFetchMetrics

* WIP

* Add user setting for verified metrics

* Add verified metrics to the VERIFIED_CONTENT plugin

* Use metric plugins for verified metrics

* Move helpers down

* Do not filter for verified metrics if there are none, regardless of user setting

* Add label to filter button

* Revalidate search when card gets (un-)verified

* Add e2e test for verified metrics

* Avoid checking for verified metrics on when content-verification is not enabled

* Fix broken test

* Simplify content verification plugin structure for metrics

* Add content moderation types and API helpers

* Update content moderation plugin to make use of the moderation api in metabase/api

* Fix lint

* Fix missing list tag

* Store verified metric filter preference

* Move all helpers to the bottom

* Ensure the user setting gets updated when chaning the filter

* Add comment about component similarity

* Undo changes to embedding-sdk

* create dashboard settings sidebar

* update e2e tests

fix

* only show settings to dashboard editors

* update copy

* update e2e test

* fix types

* update tests for new copy

* fix import

* size and padding fixes

* linkify and align stuff in question details

* reorganize and divide question overflow menu

* hide history for analytics content

* fix verification icon alignment

* whoopsie lets commit all the files

* fix css file name

* Return the table id from csv upload (as a header)

* Add date format that google sheets uses

* Smuggle id

* done?

* comment

* with empty h2 db

* dashing

* fix flaky test

* Parse the correct date class

---------

Co-authored-by: Alexander Solovyov <alexander@solovyov.net>

* add license problem hook

* add warning banner

* style cue component

* update cue component

* report issue to console

* report issue to console

* use sdk loader for pre-initialization

* extract print problem method

* use non-standard shadows

* add unit tests

* prevent console log spam during tests

* mock the embedding token feature

* mock the embedding token feature by default

* add more test cases

* add test case

* add test cases

* increase popover z-index

* simplify test setup

* simplify test setup

* do not load individual component when a license error happens

* move SdkLicenseProblemDisplay component out

* replace colors with color-mix

* replace colors with color-mix

* make the text unthemed to ensure legibility

* hard-code colors to prevent them from being themed

* hard-code colors to prevent them from being themed

* update border styles

* make the chevron unthemed

* unset console text color

* only set stroke on errors

* optimistic query settings

* document the sdk license condition

* remove redundant condition

* add notes on api keys always being allowed on localhost

* move the no auth method message to warning component

* rename sdk license problem to usage problem

* add eslint rule for stories

* rename sdk license problem to usage problem

* move sdk usage problem display out of the init controller

* specify fallback font if instance is down or CORS error

* add comments on conditions pending on the CORS PR

* add notes on non-localhost checks

* make test ids constant

* add test case for neither provided

* fix types

* address code reviews

* pass `embedding-sdk` flag in `token-features`

* address code review

Co-authored-by: Mahatthana (Kelvin) Nomsawadi <me@bboykelvin.dev>

* remove appName from console logs

* rename embedding-sdk to embedding_sdk

* add the embedding_sdk premium token feature

* do not setup enterprise plugin in sdk test

* do not localize visual cue messages

* fix unit test in setup-sdk-auth

* rename tests

* remove unused eslint-disable

* enable embedding_sdk premium feature for sdk unit tests

* revert security_test.clj to use embedding instead of embedding-sdk

* remove unneeded test

* changes to support the style leak fixes

---------

Co-authored-by: Mahatthana (Kelvin) Nomsawadi <me@bboykelvin.dev>

* first iteration to scope sdk styles to our components

* basic css reset for buttons

* clean up duplicated css

* make sdk components use instance font if no font is passed

* cleanin up and remove defaultProps not needed

* fix tests

* adds EMBEDDING_SDK_PORTAL_CONTAINER_ELEMENT_ID

* Update enterprise/frontend/src/embedding-sdk/components/public/MetabaseProvider.tsx

* Update enterprise/frontend/src/embedding-sdk/components/public/MetabaseProvider.tsx

Co-authored-by: Mahatthana (Kelvin) Nomsawadi <me@bboykelvin.dev>

* fix import

* prettier --write

* we don't need theme.fontFamily, added a comment

* rename EMBEDDING_SDK_PORTAL_CONTAINER_ELEMENT_ID to EMBEDDING_SDK_PORTAL_ROOT_ELEMENT_ID

* fix unit test

---------

Co-authored-by: Mahatthana (Kelvin) Nomsawadi <me@bboykelvin.dev>

* Dashboard Info Sidebar

* e2e test updates

* add unit tests

* e2e test updates

* fix e2e tests

* fix more e2e tests

* update back behavior

so we need to account for that in serialization paths, storage
paths and when exporting/importing foreign keys

* remove more metabse settings

* fix missing update for latest version check

* test updates

* fix setting selectors

* remove the unknown premium feature warning

* remove ee-plugins from sdk

* remove ee-overrides from sdk

* Move stale endpoint to /ee/stale/${collection-id}

It's an enterprise-only endpoint, so it makes sense to put the whole
thing under enterprise.

* refactors ui to use ee stale endpoint

lint fixes, change endpoint location

fix failure e2e test

* Fix endpoint location

---------

Co-authored-by: Sloan Sparger <sloansparger@gmail.com>

* Question Settings Sidesheet (#47699)

* fix(sdk) default font on not working

* fix initial state for the sdk

* Bump Kondo version to 2024.08.29

* Fix Kondo warnings from new version of Kondo

* Fix failing tests because schema was broken

I still don't want users' eyes to bleed looking at (unnecessary?) stacktraces, but we need to be able to see exception
causes to determine what is going wrong

references #47520

Co-authored-by: Bryan Maass <bryan.maass@gmail.com>
Co-authored-by: Nicolò Pretto <info@npretto.com>

Use consistent approach for disabling permission checks in QP to fix sandboxing error in downloads (#47481)

* ask for tenancy isolation columns

* deny all permissions for all users group

* create new collections

* add jwt group mappings

* add the permissions step

* add multi-tenancy message in helper text format

* add permission graph

* wire together permissions

* use schema permissions

* use fields from table metadata from query_metadata

* add tenancy field reference

* remove log messages

* deny access to unsandboxed tables

* make permission graph more explicit

* deny access to sample database for customer groups

* add unit test for permission graph

* split permission groups and sandboxes

* jwt settings and hard-coded user attributes

* handle errors when updating sso mappings

* add express api and user switcher

* only fallback to api keys when license is invalid

* add util to sample tenancy column values

* conditional BASE_SSO_API imports

* improve embedding error message

* setup jwt configuration after license step

* setup permissions at the last step

* add missing import

* update steps that requires license

* fix incorrect imports

* add missing useContext

* handle permission update error

* remove tenancyIsolationEnabled field

* add tenancy column sampling

* differentiate tenancy column query error

* rename tenancyColumnValues to tenantIds

* assign sampled tenant ids to user attributes

* add tenant ids

* define collection permissions

* reference sandboxing group by name

* update snippet to be same as the README

* extract ask for tenancy columns to a separate step

* use the customer_id attribute

* query the table query metadata at origin

* append tables correctly

* improve error handling in table scanning

* add retry logic to metadata fetching

* only query metadata for selected fields

* fix race condition with retry

* update loading state and retries

* update comments on jwt license

Co-authored-by: Mahatthana (Kelvin) Nomsawadi <me@bboykelvin.dev>

* filter the target table by id

* highlight last selected tenant column

* use breakout to get list of ids

* temporary workaround to reload the whole page

* update row value types

* update row value types

* ask if they want to setup a pro license

* post-installation improvements for cli

* block non-selected tables

* remove the source-field from sandboxing

* use the fk_target_field_id as instead of target.id

* update unit test

* add learn more message

* install mock server dependencies

* fix post-setup step formatting

* fix text wrapping

* skip tenancy columns and permissions if token is not provided

* only show the server dir step when license is enabled

* skip permission setup if there is no tenancy column

* remove source-field as we only reference our own column

* add runIf flag to skip steps

* remove the gitignore mention as this is automatic

* configure permission if there are some tenancy columns

* make native permission types more strict

* add notice about setting up local mb instance

* support multiple tenancy columns

* map the tenancy column name as the user attribute

* add component import guide

* fix deprecated punycode in node-fetch

* warn on unsampled tables

* show helper text on tenancy columns

* allow sampling repeated tenant

* add instruction to change directory into mock server

* align the learn more message

---------

Co-authored-by: Mahatthana (Kelvin) Nomsawadi <me@bboykelvin.dev>
Co-authored-by: Oisin Coveney <oisin@metabase.com>

fixes #46039

... and the associated flaky test!

* add useDocsUrl hook and update lint rule

* remove all uses of MetabaseSettings.docsUrl

* update tests

* revert non-docsurl change