I think dashboard-group permission is much more clear/controllable than datasource-group permission.
In most cases, dashboard management will be like this:
1. Use prestodb to link all possible data sources, and add prestodb as single data source to redash.
2. Devs create/manage several dashboards. Some of them are common, others contain sensitive plots.
3. Assign each dashboard to some viewer groups. They can only view current state of dashboards and cannot refresh it manually. Dashboards update only trigger by devs or sql-auto-refresh.
In my case, there is no way to make sensitive dashboards only accessable by specified groups, which is very common permission scenario. Furthermore, the method of per-table access control / database accounts is very inconvenient.