There have been numerous discussions of permissions. In this instance I want a user to have full access in every way e.g. ability to write their own queries etc. apart from a couple of columns need obscuring or encrypting as the fields are confidential. Is there a way to do this using Redash?

See this issue here for a full explanation and screenshots:

I came across this in your FAQs but I don’t see how it will help me in this instance:

What if I want to limit the user to only some tables?

The idea is to leverage your database’s security model and hence create a user with access to the tables/columns you want to give access to. Create a data source that’s using this user and then associate it with a group of users who need this level of access.

Ideally I don’t want to create a copy of the real data and delete those columns because I want to have access to the live data.

It’s not something you can do via Redash directly, but something you can do with most datbases.

For example, in our demo instance, I want to give all the users the ability to query {id, name, type} from the data_sources table. So instead of giving a SELECT permission to this table I give a more granular one (SELECT(id, name,type)...).

If you still want to give access to some column, but obscure or encrypt it you can create a database view that has all the other columns as usual but the obscured one as a calculated field. Then instead of giving access to the original table you give access to this view.

It’s hard to give specific examples as this differs from one database to another, but I hope this gives you a direction.