docs: minor update

docs/sources/administration/permissions.md

@@ -31,7 +31,7 @@ Can do everything scoped to the organization. For example:
 - Add & Edit data sources.
 - Add & Edit data sources.
 - Add & Edit organization users & teams.
 - Add & Edit organization users & teams.
 - Configure App plugins & set org settings.
 - Configure App plugins & set org settings.
-  
+
 ### Editor Role
 ### Editor Role
 
 
 - Can create and modify dashboards & alert rules. This can be disabled on specific folders and dashboards.
 - Can create and modify dashboards & alert rules. This can be disabled on specific folders and dashboards.
@@ -74,3 +74,12 @@ Access Control List (ACL).
 
 
 - You cannot override permissions for users with **Org Admin Role**
 - You cannot override permissions for users with **Org Admin Role**
 - A more specific permission with lower permission level will not have any effect if a more general rule exists with higher permission level. For example if "Everyone with Editor Role Can Edit" exists in the ACL list then **John Doe** will still have Edit permission even after you have specifically added a permission for this user with the permission set to **View**. You need to remove or lower the permission level of the more general rule.
 - A more specific permission with lower permission level will not have any effect if a more general rule exists with higher permission level. For example if "Everyone with Editor Role Can Edit" exists in the ACL list then **John Doe** will still have Edit permission even after you have specifically added a permission for this user with the permission set to **View**. You need to remove or lower the permission level of the more general rule.
+
+### Data source permissions
+
+Permissions on dashboards and folders **do not** include permissions on data sources. A user with `Viewer` role
+can still issue any possible query to a data source, not just those queries that exist on dashboards he/she has access to.
+We hope to add permissions on data sources in a future release. Until then **do not** view dashboard permissions as a secure
+way to restrict user data access. Dashboard permissions only limits what dashboards & folders a user can view & edit not which
+data sources a user can access nor what queries a user can issue.
+

docs/sources/guides/whats-new-in-v5.md

@@ -12,7 +12,7 @@ weight = -6
 
 
 # What's New in Grafana v5.0
 # What's New in Grafana v5.0
 
 
-> Out in beta: [Download now!](https://grafana.com/grafana/download/5.0.0-beta1)
+> Out in beta: [Download now!](https://www.youtube.com/watch?v=Izr0IBgoTZQ)
 
 
 This is the most substantial update that Grafana has ever seen. This article will detail the major new features and enhancements.
 This is the most substantial update that Grafana has ever seen. This article will detail the major new features and enhancements.
 
 
@@ -87,7 +87,11 @@ We hope to do more with teams in future releases like integration with LDAP and
 
 
 {{< docs-imagebox img="/img/docs/v50/folder_permissions.png" max-width="1000px" class="docs-image--right" >}}
 {{< docs-imagebox img="/img/docs/v50/folder_permissions.png" max-width="1000px" class="docs-image--right" >}}
 
 
-You can assign permissions to folders and dashboards. The default user role-based permissions can be removed and replaced with specific teams or users enabling more control over what a user can see and edit.
+You can assign permissions to folders and dashboards. The default user role-based permissions can be removed and
+replaced with specific teams or users enabling more control over what a user can see and edit.
+
+Dashboard permissions only limits what dashboards & folders a user can view & edit not which
+data sources a user can access nor what queries a user can issue.
 
 
 <div class="clearfix"></div>
 <div class="clearfix"></div>