Added per query permissions hook

app/models/blazer/query.rb

@@ -19,7 +19,9 @@ module Blazer
     end
 
     def editable?(user)
-      (name.present? && name.first != "*") || user == creator
+      editable = !persisted? || (name.present? && name.first != "*") || user == creator
+      editable &&= Blazer.query_editable.call(self, user) if Blazer.query_editable
+      editable
     end
   end
 end

app/views/blazer/queries/_form.html.erb

@@ -15,7 +15,7 @@
         <div class="pull-left" style="margin-top: 6px;">
           <%= link_to "Back", :back %>
         </div>
-        <%= f.select :data_source, Blazer.data_sources.values.map { |ds| [ds.name, ds.id] }, {}, class: ("hide" if Blazer.data_sources.size == 1), style: "width: 140px;" %>
+        <%= f.select :data_source, Blazer.data_sources.values.select { |ds| q = @query.dup; q.data_source = ds.id; q.editable?(blazer_user) }.map { |ds| [ds.name, ds.id] }, {}, class: ("hide" if Blazer.data_sources.size == 1), style: "width: 140px;" %>
         <div id="tables" style="display: inline-block; width: 260px; margin-right: 10px;" class="hide">
           <%= render partial: "tables" %>
         </div>

lib/blazer.rb

@@ -31,6 +31,7 @@ module Blazer
     attr_accessor :anomaly_checks
     attr_accessor :async
     attr_accessor :images
+    attr_accessor :query_editable
   end
   self.audit = true
   self.user_name = :name