* Move current click handler to legend title

* Add `onToggleSeriesVisibility` prop to `Legend`

* Update `LegendItemDot` component

* Update `LegendItemTitle`

* Toggle series visibility

* Fix hover effect

* Don't let to hide the last visible series

* Add `visible` property to `BaseSeriesModel`

* Fix dangling split axis label when hiding a series

* Update `graph.series_order` viz setting widget

* Fix can't toggle series visibility from legend popover

* Fix legend dot clipped by `overflow: hidden`

* Fix eslint error

* Fix legend popover scroll

* Add unit tests

* Add e2e tests

* Fix show/hide series for scatter charts

* Default `LegendItemDot` to visible state

* Only apply legend dot hover effect if there's a click handler

* Don't allow to remove the last series in `ChartSettingSeriesOrder`

* Fix tooltip performance drop

* Fix e2e tests around `series_order` viz setting widget

* Use `text-medium` for outer circle background

* Update dot style

* tweak inner circle color

* Update copy

* Use div instead of button if can't toggle visibility

* Fix legend layout issue

* Don't show trendlines for hidden series

* Fix missing prop value

* Disable visibility toggle outside of dashboard/qb view

* Add public dashboard test

* Add tooltip footer e2e helpers

* Fix chart tooltip shows hidden series data

---------

Co-authored-by: Kyle Doherty <5248953+kdoh@users.noreply.github.com>

* Add repro test for #47170

* Use type guard when checking for cancelled request

* Export `isObject` type guard

* Avoid type casting

* Update e2e test

* [notification] New method: `channel/can-connect?` (#44955)

* [notification] Channel APIs (#45207)

* [notification] namespaced channel type (#45527)

* [Notification] Render alert for http channel (#45545)

* [notification] Add channel description (#45840)

* [notification] update API to enable http channels for alert (#45839)

* [Notification] Remove channel details for users without write perms (#46034)

* [Notification] Serdes channel (#46031)

* [Notification] Update http details schema (#45960)

* [Notification] Deactivate channels will delete PulseChannel (#46115)

* [Notification] audit log for channel create and update (#46113)

* [Notification] Disallow undefined key for http channel details (#46712)

* [Notification] Handle channel name conflicts (#46818)

* Webhooks Admin Section (#46194)

* [notification] Fix test pulse endpoint does not work properly for http channels (#46474) (#47050)

* [Notification] Fix unable to update multiple channels per type (#47111)

* [Notification] Record Task History when pulse sends channel message (#46218)

* Enabling Webhook Alerts (#47022)

* [Notification] fix cyclic deps (#47379)

* [notification] channel serdes spec (#47386)

Co-authored-by: Nick Fitzpatrick <nick@metabase.com>

* Query Validator FE

* collection path, unit tests

* wrapping feature with token flag

* updating util function, adding row type

* updating session_test.clj

* type adjustment

* fixing other table sorting

* Empty state, clean up utils

* unit test adjustment

* e2e adjustment

== Goal ==

Hide attached DWH database details from anyone incl. admins:
* Do not show them in the UI
* Do not permit to change them
* Do not serialize them

The aim is that customers cannot gain access to (parts of) credentials,
and they cannot break a feature they are paying for by changing
connection details.

== Implementation ==

The Metabase backend already contains provisions in the implementation
of `metabase.models.interface/to-json` for `:model/Database` to hide the
`details` of the database in HTTP responses, if the user lacks write
permission on the database.  We utilize this by adding an
`is_attached_dwh` column to the `database` table and rejecting
`metabase.models.interface/can-write?` when this flag is enabled.  In
the "admin" UI, we show a replacement text instead of the edit form when
the flag is set.  (It might be correct to show this whenever `details`
is absent.  See below for possible follow-up work.)

However, several sections of the frontend code expected the `details`
field to always be present.  In order to make `details` optional, as the
backend seems to handle it, we fix the respective code to treat this
case in the way that appears appropriate in the context.

Database details are already generally excluded from H2 dump snapshots
(see `metabase.cmd.copy/*copy-h2-database-details*`), thus nothing
changes there.

== How to test ==

=== New behaviour ===

Setting the `is_attached_dwh` field hides the database details:

1. Configure a database as described in https://www.metabase.com/docs/latest/configuring-metabase/config-file#databases.
   - In addition to the fields you would normally set, also set
     `is_attached_dwh: true`.
   - This also works when adding this flag to a database that previously
     did not have this flag set.
2. Start your Metabase instance.
3. Verify the database shows up in the "admin" section
   (`/admin/databases`).
4. Verify that clicking the database to see its details only reveals
   "This database cannot be modified."
5. Verify that responses from the backend do not include a `details`
   field for this database.

=== Original behaviour ===

Behaviour without setting the `is_attached_dwh` field is unchanged:

1. Configure a database as described in https://www.metabase.com/docs/latest/configuring-metabase/config-file#databases.
   - Only set the fields you would normally set.  Do not set
     `is_attached_dwh` (or set it to `false`).
2. Start your Metabase instance.
3. Verify the database shows up in the "admin" section
   (`/admin/databases`).
4. Verify that clicking the database to see its details only reveal the
   regular edit form, showing connection fields like `host`, `user`,
   etc. with the values you configured.

== How this will be rolled out ==

1. Upgrade existing Metabase Cloud instances with data warehouse to a
   Metabase version that supports `is_attached_dwh`.
2. Set `is_attached_dwh` in the database section of the config file for
   Metabase Cloud instances with a data warehouse.

== Possible follow-up work ==

In https://github.com/metabase/metabase/issues/25715, absent
`database.details` was identified as a bug.  Since then, `details` was
made `NOT NULL` in the application database, so this bug can no longer
occur.  However, today backend responses can be missing the `details`
field, if the current user lacks write permission to the database
setting (see above).  Fully re-evaluating the fix to #25715 in this
context is outside the scope of this PR.

Closes: https://github.com/metabase/harbormaster/issues/5051

* allow re-ordering and re-naming pie chart slices

* aggregate rows with same dimension value

* show warning when dimension has unaggregated values

* change colors from sidebar

* implement renaming

* styles for slice name widget

* handle numeric slice keys for binned values relative dates etc

* implement slice disabling

* remove old colors setting

* implement merging new and removing existing rows from query results

* fix formatting bugs

* port settings to static viz

* fix bug with unaggregated data

* address todos

* add loki test

* fix measure column settings widget erroring

* fix settings sidebar crashing

* add e2e tests

* update snapshots

* fix pie_chart.cy.spec.js CI-only flakes

* fix #21504 repro failure

* fix click action value

* use nestedSettings instead of seriesSettings

* fix settings sidebar crashing

* fix row with 0 key not being draggable

* fix flaky test

* filter other slices from sidebar

* keep locale in url query params

* e2e tests

* ugly fix for the missing baseUrl error

* applies suggestion from Kelvin to make code more demure

* Update e2e/test/scenarios/sharing/public-question.cy.spec.js

Co-authored-by: Anton Kulyk <kuliks.anton@gmail.com>

* remove it.skip added by mistake

* sort imports

* handle native question/ SyncedParametersList too

* shorter and more accurate comment 



* Update e2e/support/helpers/e2e-embedding-helpers.js

Co-authored-by: Mahatthana (Kelvin) Nomsawadi <me@bboykelvin.dev>

---------

Co-authored-by: Anton Kulyk <kuliks.anton@gmail.com>
Co-authored-by: Mahatthana (Kelvin) Nomsawadi <me@bboykelvin.dev>

* Support multiple bucketings of a column in nested queries

Fixes #46644

* Fix e2e test

* remove prevent default on CP links

* unit flakes?

fix(questions + admin/performance): Improve Clear cache button text and question refresh button tooltip (#46791)

* Convert e2e-custom-column-helpers to TS

* Refactor createTimeline, createTimelineEvent & createTimelineWithEvents to TS

* Fix circular imports

This testing is too strict to support some legitimate use cases that
have no workaround at present. We can bring back this type-checking
eventually, once it's possible to correctly express things like
automatic coercion of strings to numbers in `SUM` aggregations.

Fixes #44431.

* fix import order in the files with disabled rules

* remove hack

* minor

* Fix DateTimeRange substitution for open ranges

* Add E2E repro for #47172

* cljfmt

* Add test for datetime column

* Update range boundary for open range

* Update test names

* Apply suggestions from code review

Co-authored-by: Kamil Mielnik <kamil@kamilmielnik.com>

* Fix e2e

---------

Co-authored-by: Nemanja <31325167+nemanjaglumac@users.noreply.github.com>
Co-authored-by: Kamil Mielnik <kamil@kamilmielnik.com>

* Strip expression metadata for field expression

Fixes #44940.

feat(admin/performance): In Admin / Performance, add a tab where you can manage the caching policies of dashboards and questions (#42990)

Closes #42567

* Update interactive embedding CTA UTM tags

* Make the UTM tags more readable

* Update static embed doc UTM tags

* Update static embed appearance customization doc UTM tags

* Update font upsell UTM tags

* Update tests

* Fix wrong upgrade URL

* Update tests

* Use global search for aggregation picker

* Add names to aggregation picker items so they can be searched

* Render info icon metric descriptions

* Add unit tests for global aggregation picker search

* Add test for searching metrics

* Add a test for metrics descriptions

* Sort metrics

* Fix e2e test

* Use Flex from metabase/ui

* Handle markdown in metric description

* Add test for sorted metrics

* Update Markdown styling in metric description

* Fix clojure formatting

* Test for markdown in the Metric description

* Fix lint

* Fix test for markdown

* Use simpler equality test

* Fix overflow in test

* QuestionAlertWidget to FC + TS

* update e2e tests

* use regular alert for unsubscribes

* Create Question and Dashboard Sharing Menu

* Handle some edge cases

* top notch unit tests

* more testing and tweaking

* fix imports

* more tests

* add alerts to question sharing menu

* add tests for alerts

* update e2e tests

* use Oisin's toolbarbutton

* fix rebase

* prompt to save before sharing questions

* show prompt to set up notification channels

* fix import

* update tests and hide on notebook screen

* fixes

* clean up pulse types

* update e2e tests

* fix a bunch more tests

* more e2e test fixes

* maybe green now? 

* last one 

* design updates

* make channel setup modal nicer

* simpler component props

* lint fix

* lint fixes

* Add offset presets

* Render OffsetPresets initially

* Add BucketInput

* Render BucketInput and do not rely on referential equality for Lib.Bucket

* Make sure the currently selected bucket shows in the presets

* Lift label into CompareAggregations

* Fix spacing of label

* Fix labels based on comparison type

* Use Switch for include current period

* Include current bucket in CurrentPeriodInput label

* Fix unit tests

* Add more unit tests for CompareAggregations

* Update e2e test for column compare to handle presets

* Group offset tests

* Add tests for moving average

* Add tests to verify changing the bucket works

* Fix type

* Make sure temporal columns are buckatable before picking them

* Make getPreferredPresets more clear

* Add test for temporal expression column

* Fix lint

* fix echarts tooltip issues

* fix types

* use another merge-ref package

* refactor: sort import members inside destructuring

* Show an error message when the temporal unit is not applicable to a dashboard card (#46983)

* Fix tests

* Add tests

* Add tests

* Fix types

* Fix types

---------

Co-authored-by: Alexander Polyankin <alexander.polyankin@metabase.com>

* hide terminal-report logs from console

* disable html output from testing-library-dom

* revert failing code

* make the newsletter signup a checkbox instead of a button

* update copy on unit test

* fix describe nesting

* update the ui to be like the design

* make tests use userEvent.click to avoid warning about missing act

* use the subscribeToNewsletter function

* add basic e2e test for newsletter subscription

* move wait to the end of the test to see if it passes in ci

* remove async to see if it fixes the issue

* trying to mock the response

* make it clear why we're mocking the response

* use getUserEmail as suggested by Sloan

* inline var a suggested on code review

* Remove `Collections` entity loader

* Load collections directly within the component

* Add E2E repro for #46221

* Fix tests

* Add tests

* Add tests

* Fix types

* Fix types

* allow `:blocked` to be saved for table level perms

* Adds 2 tests for table level blocked permission settings

- N.B. these are NOT ENFORCED YET

* update test that asserted we cannot set block on tables (we can)

* WIP: Pairing on making perms checking less wild

* cleanup, update docs, and add a test for view-data perm only

- Added a test where we have data permissions, but not create query, and
  I think it is failing when we have create query and blocked data
  permissions.
- renamed some functions from check-x -> has-x? since they return a
  value instead of throwing now

* Revert "WIP: Pairing on making perms checking less wild"

Keep the same behavior, but stick with the saner flow control

This reverts commit 63bcb5b4.

* update docs

* update test to be passing

- TODO: make sure it's correct w.r.t. perm settings

* Allow schema level blocked setting in permgraph

* remove invalid test cases

- continue to have a forcing function to test newly added perms

* conform function output

* ensure a single blocked table blocks native queries to its DB

* update error message

- we now catch this error in `metabase.models.query.permissions/has-perm-for-query?`

* we now check for data permissions to process query for card

* add more explanation to what we are testing

- to help see why it fails on CI and passes locally

* remove excess `def`

* Add test for table-level data X collection perms

- update test found to be in-error

* update param values qp permission check style

* set view-data and create-query explicitly

* set viewdata and createquery explicitly in qp test

* Respond to review comments (which fixes a case)

* setting a table to blocked: leave other tables the same

* [Permissions] Add "No access" schema/table permission (#46509)

* first pass

* refactors downgrading native permission logic and updates calculation so that "No access" downgrades native permissions to "No"

* stub for permissions help info on table block

* modal changes wip, updates downgrading create queries permissions to all happen at a single call site

* clean up, sandboxing modal copy changes, removes rekoke/limit access modal changes to make the diff smaller and move code to a seperate PR

* updates permissions help section to contain the final copy

* sandboxing copy fix and remove modal that was dropped from requirements

* adds blocked at the schema level, updates no access copy to blocked, updates permissions help section to contain new blocked and schema level changes

* fixes failed unit and e2e tests after sandboxing copy changes

* improve the block e2e test to include table blocking

* fixes failing blocked test, fixes other schemas create queries permissions getting correct with one schema was droped to blocked view data access, fixes a bug that prevents the save bar from going away when all permissions for group are set to the default values

* clean up

* remove color changes

* prevents parent being set to blocked preventing edits for children entities

* add new hasPermissionValueInSubgraph fn, adds modal to warn users we have to upgrade the view data permissions when they upgrade create queries permissions when a child entity is set to blocked

* adds test coverage for new modal

* removes unused function, adds new updateEntityPermission fn to help consolidate some logic elsewhere

* unit test fix and type fix

* most pr feedback

* updates the confirmation modal copy when changing a parent entity that contains a child with blocked permissions and/or sandboxed children, adds test coverage for that, adds test coverage for permission view data column not appearing in oss

* type fix

* [Permissions] Add e2e test coverage for blocked permissions enforcements (#46663)

* adds test coverage for enforcement of blocked permissions

* moves tests around based on pr feedback

* copy changes

* adds fix to make sure that blocked permissions are not removed from sibling tables that have the create queries permissions upgraded (#46854)

* Fix table name lookup for dbs w/ 1 schema per db

* add test for blank schema identifiers

* Refine sandboxed user perms for query builder access (#46939)

* Refine sandboxed user perms for query builder access

- Limit create-queries permissions to unblocked tables only
- Check user permissions for each table before granting query builder access
- Prevent querying of blocked joined tables from query builder for sandboxed users

* Adjust permissions for sandboxed users

- Grant view-data permissions only for unblocked tables
- Revert create-queries permissions to all tables in sandbox
- Remove unnecessary intermediate variable

* when sandboxing we no longer grant unrestricted view perms for blocked tables

* Update enterprise/backend/src/metabase_enterprise/sandbox/query_processor/middleware/row_level_restrictions.clj

remove blank line

Co-authored-by: Noah Moss <32746338+noahmoss@users.noreply.github.com>

* - make coalesce-test exhaustive (except for sandbox)

* Update enterprise/backend/src/metabase_enterprise/sandbox/query_processor/middleware/row_level_restrictions.clj

Co-authored-by: Noah Moss <32746338+noahmoss@users.noreply.github.com>

* t2/select ... -> database/table-id->database-id

* update comment

* [Permissions] Prevent "Granular" option in DB View Data options from changing permissions to unrestricted (#46976)

* fix

* adds back most of the code and limits it to only happen with impersonations, updates test to handle differing logic between the two flows

* removes test that is not longer needed

* more sandbox join table perms tests

---------

Co-authored-by: John Swanson <john.swanson@metabase.com>
Co-authored-by: Sloan Sparger <sloansparger@users.noreply.github.com>
Co-authored-by: Sloan Sparger <sloansparger@gmail.com>
Co-authored-by: Noah Moss <32746338+noahmoss@users.noreply.github.com>

- use createQuestionAndDashboard helper instead of command
- sort imports

* Remove unused file

* Refactor getCurrentUser command to a TS function util

* Refactor createAlert command to a TS function util

* Refactor createModerationReview command to a TS function util

* Reuse createModerationReview

* Refactor createPulse command to a TS function util

* Remove references to deleted files

* Improve typing

* use ECharts tooltip on cartesian charts

* fix tooltip lag when changing hovered series

* facelift tooltip

* fix static viz crashes due to tooltip option

* facelift

* pie chart echarts tooltip

* facelift

* facelift

* facelift

* tweaks

* e2e specs

* return back the pie other slices tooltip

* more specs

* specs

* fix pie total

* fix tooltip overflow

* fix specs

* fix infinite rerender in embedding mode for charts that have warnings

* Update Loki Snapshots

---------

Co-authored-by: Metabase Automation <github-automation@metabase.com>

* Add sandboxing E2E tests

* Fix types

* Ignore TS error for now

* disable cypress-terminal-report locally

* one more check

* cleanup