We have the following challenge :
We need to enable/disable components according to users and groups.
How can we do it ? we are having mainly tables and tabs
You can disable queries by group under Advanced Tab.
If you have to enable/disable permissions, you should consider making each component it's own application and at permissions at that level.
Adding on to @ScottR, you can also use the {{current_user}} object to hide/disable/etc conditionally! That object has the current user’s name and permission groups for you to access. Check it out at the bottom of the left panel 
@victoria something like this?
or I suppose you could also use this to hide the component.
{{current_user.groups != "somegrouphere"}}
@barry I would think you would have to for each component. You may want to rethink your architecture if this becomes unmanageable.
^ exactly! You'd have to apply the logic to each component individually (you can always throw components into a container and then apply the logic to just that container), or just split things up between apps.
To be fair, it'd be cool if we could get a queryname.isAllowedToRun or something like that for this scenario, rather than having to hard code group names into components or containers. It makes it easier to maintain this in multiple places across an app.
Eg, hypothetically, if there's a button "cancel order", I don't want people to be able to click it anywhere, which means now I need to have in potentially multiple place a {{ current_user.groups.some(group => group.name === "team_lead") }} whereas it'd be much cleaner if I could have a {{ !cancelOrder.isAllowedToRun }} in the disabled section of the button.
It's not my exact use case, but I would also benefit from such a mechanism.
I think you would still need to add in each query the logic {{ !cancelOrder.isAllowedToRun }} or on the cancel button, the same.
Perhaps setting a temp variable to be true or false based on user group and then logic in button to say if true then it is clickable, if false then it is disabled.
Well, yes.
The idea is that you (in the query cancelOrder) set a list of groups (team leads, admins, senior agents), and then anywhere you have a component executing this query you can just check for eligibility (cancelOrder.isAllowedToRun), rather than duplicate the logic everywhere across your app.
The alternative is indeed defining it elsewhere, eg a javascript transformer, but then you can't really use the "groups allowed to run this query" functionality either, unless you want to have it in 2 places again.
I agree - but there's a difference between allowing a query to run and disabling the button that would run it. So you could have it in one place (the button) and that should suffice. That being said there is no "blanket" application of said user group permission level access across an entire app unless you split your application up into separate pages where only certain groups can use them - this would be done at the Retool admin level.