Permissions on who is permitted to delete or change a dashlet/dashboard


We have the following initial situation:

An ICINGA2 installation with one AD as authentication backend for multiple tenants. In ICINGAWEB2 the tenants are all distributed in roles and only see their associated hosts and services via the restrictions, filters and blacklists via a custom variable (ID).

This also works very well.

But now we had the case that a customer had deleted his dashboard by playing around.

As a quick solution, we changed permissions on the /etc/icingaweb2/dashboards directory so that the web server no longer has permissions to change the .cfg and mitigate this issue in the future.

Is there a more elegant solution? Or can the menu items “Add Dashlet & Settings” simply be deactivated?

Many thanks in advance!