metabase.premium-features.core

toc

API namespace for the Metabase premium features code. This is a collection of functionality that lives in the OSS code, but is supports the enforcement of Enterprise Edition features, including the token check logic and the defenterprise macro.

(ns metabase.premium-features.core
  (:require
   [metabase.config :as config]
   [metabase.models.setting :refer [defsetting]]
   [metabase.premium-features.defenterprise]
   [metabase.premium-features.token-check]
   [potemkin :as p]))
(p/import-vars
 [metabase.premium-features.defenterprise
  defenterprise
  defenterprise-schema]

 [metabase.premium-features.token-check
  active-users-count
  ;; TODO: move airgap code to a dedicated namespace?
  airgap-check-user-count
  airgap-enabled
  assert-has-feature
  assert-has-any-features
  ee-feature-error
  is-hosted?
  has-any-features?
  has-feature?
  log-enabled?
  max-users-allowed
  plan-alias
  premium-embedding-token
  token-status
  TokenStatus])

Set of defined premium feature keywords.

(def premium-features
  (atom #{}))
(defn- default-premium-feature-getter [feature]
  (fn []
    (and config/ee-available?
         (has-feature? feature))))

Convenience for generating a [[metabase.models.setting/defsetting]] form for a premium token feature. (The Settings definitions for Premium token features all look more or less the same, so this prevents a lot of code duplication.)

(defmacro define-premium-feature
  [setting-name docstring feature & {:as options}]
  (let [options (merge {:type       :boolean
                        :visibility :public
                        :setter     :none
                        :audit      :never
                        :getter     `(default-premium-feature-getter ~(some-> feature name))}
                       options)]
    `(do
       (swap! premium-features conj ~feature)
       (defsetting ~setting-name
         ~docstring
         ~@(mapcat identity options)))))

Logo Removal and Full App Embedding. Should we hide the 'Powered by Metabase' attribution on the embedding pages? true if we have a valid premium embedding token.

(define-premium-feature hide-embed-branding?
  :embedding
  :export? true
  ;; This specific feature DOES NOT require the EE code to be present in order for it to return truthy, unlike
  ;; everything else.
  :getter #(has-feature? :embedding))

Should we allow users embed the SDK in sites other than localhost?

(define-premium-feature enable-embedding-sdk-origins?
  :embedding-sdk)

Should we allow full whitelabel embedding (reskinning the entire interface?)

(define-premium-feature enable-whitelabeling?
  :whitelabel
  :export? true)

Should we enable the Audit Logs interface in the Admin UI?

(define-premium-feature enable-audit-app?
  :audit-app)

Should we enable restrict email domains for subscription recipients?

(define-premium-feature ^{:added "0.41.0"} enable-email-allow-list?
  :email-allow-list)

Should we enable granular controls for cache TTL at the database, dashboard, and card level?

(define-premium-feature ^{:added "0.41.0"} enable-cache-granular-controls?
  :cache-granular-controls)

Should we enable preemptive caching; i.e., auto-refresh of cached results?

(define-premium-feature ^{:added "1.53.0"} enable-preemptive-caching?
  :cache-preemptive)

Should we enable initialization on launch from a config file?

(define-premium-feature ^{:added "0.41.0"} enable-config-text-file?
  :config-text-file)

Should we enable data sandboxes (row-level permissions)?

(define-premium-feature enable-sandboxes?
  :sandboxes
  :export? true)

Should we enable JWT-based authentication?

(define-premium-feature enable-sso-jwt?
  :sso-jwt)

Should we enable SAML-based authentication?

(define-premium-feature enable-sso-saml?
  :sso-saml)

Should we enable advanced configuration for LDAP authentication?

(define-premium-feature enable-sso-ldap?
  :sso-ldap)

Should we enable advanced configuration for Google Sign-In authentication?

(define-premium-feature enable-sso-google?
  :sso-google)

Should we enable user/group provisioning via SCIM?

(define-premium-feature enable-scim?
  :scim)

Should we enable any SSO-based authentication?

(defn enable-any-sso?
  []
  (or (enable-sso-jwt?)
      (enable-sso-saml?)
      (enable-sso-ldap?)
      (enable-sso-google?)))

Should we enable configuring session timeouts?

(define-premium-feature enable-session-timeout-config?
  :session-timeout-config)

Can we disable login by password?

(define-premium-feature can-disable-password-login?
  :disable-password-login)

Should we enable filters for dashboard subscriptions?

(define-premium-feature ^{:added "0.41.0"} enable-dashboard-subscription-filters?
  :dashboard-subscription-filters)

Should we enable extra knobs around permissions (block access, connection impersonation, etc.)?

(define-premium-feature ^{:added "0.41.0"} enable-advanced-permissions?
  :advanced-permissions)

Should we enable verified content, like verified questions and models (and more in the future, like actions)?

(define-premium-feature ^{:added "0.41.0"} enable-content-verification?
  :content-verification)

Should we enable Official Collections?

(define-premium-feature ^{:added "0.41.0"} enable-official-collections?
  :official-collections)

Should we enable SQL snippet folders?

(define-premium-feature ^{:added "0.41.0"} enable-snippet-collections?
  :snippet-collections)

Enable the v2 SerDes functionality

(define-premium-feature ^{:added "0.45.0"} enable-serialization?
  :serialization)

Enable restrict email recipients?

(define-premium-feature ^{:added "0.47.0"} enable-email-restrict-recipients?
  :email-restrict-recipients)

Enable automatic descriptions of questions and dashboards by LLMs?

(define-premium-feature ^{:added "0.50.0"} enable-llm-autodescription?
  :llm-autodescription)

Enable the Query Validator Tool?

(define-premium-feature ^{:added "0.51.0"} enable-query-reference-validation?
  :query-reference-validation)

Should we allow admins to clean up tables created from uploads?

(define-premium-feature enable-upload-management?
  :upload-management)

Does the Metabase Cloud instance have an internal data warehouse attached?

(define-premium-feature has-attached-dwh?
  :attached-dwh)

Should we various other enhancements, e.g. NativeQuerySnippet collection permissions?

enhancements are not currently a specific "feature" that EE tokens can have or not have. Instead, it's a catch-all term for various bits of EE functionality that we assume all EE licenses include. (This may change in the future.)

By checking whether (*token-features*) is non-empty we can see whether we have a valid EE token. If the token is valid, we can enable EE enhancements.

DEPRECATED -- it should now be possible to use the new 0.41.0+ features for everything previously covered by 'enhancements'.

(define-premium-feature ^:deprecated enable-enhancements?
  :enhancements
  :getter #(and config/ee-available? (has-any-features?)))

Should we enable Collection Cleanup?

(define-premium-feature ^{:added "0.51.0"} enable-collection-cleanup?
  :collection-cleanup)

Should we enable database auth-providers?

(define-premium-feature ^{:added "0.51.0"} enable-database-auth-providers?
  :database-auth-providers)
 
Generated by Marginalia.  Syntax highlighting provided by Alex Gorbatchev's SyntaxHighlighter