Merge branch 'nv/v2-list-dashboard' into nv/dashboard-views

* feat: adding endpoint services metadata for account

* fix: adding missing response writer in error

* refactor(cloud-integrations): use account-scoped  ListAccountServices endpoint when an account is connected (#11569)

* fix: frontend changes for issue 4616

* fix: update frontend changes

---------

Co-authored-by: Gaurav Tewari <tewarig@users.noreply.github.com>

---------

Co-authored-by: Gaurav Tewari <gauravtewari111@gmail.com>
Co-authored-by: Gaurav Tewari <tewarig@users.noreply.github.com>

.github/CODEOWNERS

@@ -188,3 +188,7 @@ go.mod @therealpandey
 /frontend/src/container/ListAlertRules/ @SigNoz/pulse-frontend
 /frontend/src/container/TriggeredAlerts/ @SigNoz/pulse-frontend
 /frontend/src/container/AnomalyAlertEvaluationView/ @SigNoz/pulse-frontend
+
+## OpenAPI Schema - Generated
+/frontend/src/api/generated/services/ @therealpandey @vikrantgupta25 @srikanthccv
+/docs/api/openapi.yml @therealpandey @vikrantgupta25 @srikanthccv

.github/workflows/build-enterprise.yaml

@@ -69,6 +69,8 @@ jobs:
           echo 'VITE_APPCUES_APP_ID="${{ secrets.APPCUES_APP_ID }}"' >> frontend/.env
           echo 'VITE_PYLON_IDENTITY_SECRET="${{ secrets.PYLON_IDENTITY_SECRET }}"' >> frontend/.env
           echo 'VITE_DOCS_BASE_URL="https://signoz.io"' >> frontend/.env
+          echo 'VITE_ENVIRONMENT="production"' >> frontend/.env
+          echo 'VITE_VERSION="${{ steps.build-info.outputs.version }}"' >> frontend/.env
       - name: cache-dotenv
         uses: actions/cache@v4
         with:

.github/workflows/build-staging.yaml

@@ -70,6 +70,8 @@ jobs:
           echo 'VITE_APPCUES_APP_ID="${{ secrets.NP_APPCUES_APP_ID }}"' >> frontend/.env
           echo 'VITE_PYLON_IDENTITY_SECRET="${{ secrets.NP_PYLON_IDENTITY_SECRET }}"' >> frontend/.env
           echo 'VITE_DOCS_BASE_URL="https://staging.signoz.io"' >> frontend/.env
+          echo 'VITE_ENVIRONMENT="staging"' >> frontend/.env
+          echo 'VITE_VERSION="${{ steps.build-info.outputs.version }}"' >> frontend/.env
       - name: cache-dotenv
         uses: actions/cache@v4
         with:

.github/workflows/gor-signoz.yaml

@@ -35,6 +35,8 @@ jobs:
           echo 'VITE_APPCUES_APP_ID="${{ secrets.APPCUES_APP_ID }}"' >> .env
           echo 'VITE_PYLON_IDENTITY_SECRET="${{ secrets.PYLON_IDENTITY_SECRET }}"' >> .env
           echo 'VITE_DOCS_BASE_URL="https://signoz.io"' >> .env
+          echo 'VITE_ENVIRONMENT="production"' >> .env
+          echo 'VITE_VERSION="${{ github.ref_name }}"' >> .env
       - name: node-setup
         uses: actions/setup-node@v5
         with:

ee/modules/cloudintegration/implcloudintegration/module.go

@@ -355,26 +355,32 @@ func (module *module) GetService(ctx context.Context, orgID valuer.UUID, service
 
 	var integrationService *cloudintegrationtypes.CloudIntegrationService
 
-	if !cloudIntegrationID.IsZero() {
-		storedService, err := module.store.GetServiceByServiceID(ctx, cloudIntegrationID, serviceID)
-		if err != nil && !errors.Ast(err, errors.TypeNotFound) {
-			return nil, err
-		}
-		if storedService != nil {
-			serviceConfig, err := cloudintegrationtypes.NewServiceConfigFromJSON(provider, storedService.Config)
-			if err != nil {
-				return nil, err
-			}
-
-			integrationService = cloudintegrationtypes.NewCloudIntegrationServiceFromStorable(storedService, serviceConfig)
-		}
-
-		if err := module.enrichDashboardIDs(ctx, orgID, provider, serviceID, serviceDefinition); err != nil {
-			return nil, err
-		}
+	if cloudIntegrationID.IsZero() {
+		return cloudintegrationtypes.NewService(provider, serviceDefinition, nil, nil), nil
 	}
 
-	return cloudintegrationtypes.NewService(*serviceDefinition, integrationService), nil
+	storedService, err := module.store.GetServiceByServiceID(ctx, cloudIntegrationID, serviceID)
+	if err != nil && !errors.Ast(err, errors.TypeNotFound) {
+		return nil, err
+	}
+	if storedService == nil {
+		return cloudintegrationtypes.NewService(provider, serviceDefinition, nil, nil), nil
+	}
+
+	serviceConfig, err := cloudintegrationtypes.NewServiceConfigFromJSON(provider, storedService.Config)
+	if err != nil {
+		return nil, err
+	}
+
+	integrationService = cloudintegrationtypes.NewCloudIntegrationServiceFromStorable(storedService, serviceConfig)
+
+	slugPrefix := cloudintegrationtypes.CloudIntegrationDashboardSlugPrefix(provider, serviceID)
+	integrationDashboards, err := module.store.ListIntegrationDashboardsBySlugPrefix(ctx, orgID, cloudintegrationtypes.IntegrationDashboardProviderCloudIntegration, slugPrefix)
+	if err != nil {
+		return nil, err
+	}
+
+	return cloudintegrationtypes.NewService(provider, serviceDefinition, integrationService, integrationDashboards), nil
 }
 
 func (module *module) CreateService(ctx context.Context, orgID valuer.UUID, createdBy string, creator valuer.UUID, service *cloudintegrationtypes.CloudIntegrationService, provider cloudintegrationtypes.CloudProviderType) error {
@@ -583,20 +589,3 @@ func (module *module) deprovisionDashboards(ctx context.Context, orgID valuer.UU
 	}
 	return nil
 }
-
-// enrichDashboardIDs replaces the raw dashboard name in each Dashboard.ID with the provisioned UUID.
-// TODO: remove this hack and send idiomatic response to client.
-func (module *module) enrichDashboardIDs(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType, serviceID cloudintegrationtypes.ServiceID, serviceDefinition *cloudintegrationtypes.ServiceDefinition) error {
-	for i, d := range serviceDefinition.Assets.Dashboards {
-		slug := cloudintegrationtypes.CloudIntegrationDashboardSlug(provider, serviceID, d.ID)
-		row, err := module.store.GetIntegrationDashboardBySlug(ctx, orgID, cloudintegrationtypes.IntegrationDashboardProviderCloudIntegration, slug)
-		if err != nil {
-			if errors.Ast(err, errors.TypeNotFound) {
-				continue
-			}
-			return err
-		}
-		serviceDefinition.Assets.Dashboards[i].ID = row.DashboardID
-	}
-	return nil
-}

ee/modules/dashboard/impldashboard/module.go

@@ -221,6 +221,55 @@ func (module *module) GetV2(ctx context.Context, orgID valuer.UUID, id valuer.UU
 	return module.pkgDashboardModule.GetV2(ctx, orgID, id)
 }
 
+func (module *module) UpdateV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, updatable dashboardtypes.UpdatableDashboardV2) (*dashboardtypes.DashboardV2, error) {
+	return module.pkgDashboardModule.UpdateV2(ctx, orgID, id, updatedBy, updatable)
+}
+
+func (module *module) PatchV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, patch dashboardtypes.PatchableDashboardV2) (*dashboardtypes.DashboardV2, error) {
+	return module.pkgDashboardModule.PatchV2(ctx, orgID, id, updatedBy, patch)
+}
+
+func (module *module) DeleteV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID) error {
+	return module.store.RunInTx(ctx, func(ctx context.Context) error {
+		if err := module.store.DeletePublic(ctx, id.String()); err != nil && !errors.Ast(err, errors.TypeNotFound) {
+			return err
+		}
+		return module.pkgDashboardModule.DeleteV2(ctx, orgID, id)
+	})
+}
+
+func (module *module) LockUnlockV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, isAdmin bool, lock bool) error {
+	return module.pkgDashboardModule.LockUnlockV2(ctx, orgID, id, updatedBy, isAdmin, lock)
+}
+
+func (module *module) ListV2(ctx context.Context, orgID valuer.UUID, userID valuer.UUID, params *dashboardtypes.ListDashboardsV2Params) (*dashboardtypes.ListableDashboardV2, error) {
+	return module.pkgDashboardModule.ListV2(ctx, orgID, userID, params)
+}
+
+func (module *module) PinV2(ctx context.Context, orgID valuer.UUID, userID valuer.UUID, id valuer.UUID) error {
+	return module.pkgDashboardModule.PinV2(ctx, orgID, userID, id)
+}
+
+func (module *module) UnpinV2(ctx context.Context, userID valuer.UUID, id valuer.UUID) error {
+	return module.pkgDashboardModule.UnpinV2(ctx, userID, id)
+}
+
+func (module *module) CreateView(ctx context.Context, orgID valuer.UUID, postable dashboardtypes.PostableDashboardView) (*dashboardtypes.DashboardView, error) {
+	return module.pkgDashboardModule.CreateView(ctx, orgID, postable)
+}
+
+func (module *module) ListViews(ctx context.Context, orgID valuer.UUID) (*dashboardtypes.ListableDashboardView, error) {
+	return module.pkgDashboardModule.ListViews(ctx, orgID)
+}
+
+func (module *module) UpdateView(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updateable dashboardtypes.UpdateableDashboardView) (*dashboardtypes.DashboardView, error) {
+	return module.pkgDashboardModule.UpdateView(ctx, orgID, id, updateable)
+}
+
+func (module *module) DeleteView(ctx context.Context, orgID valuer.UUID, id valuer.UUID) error {
+	return module.pkgDashboardModule.DeleteView(ctx, orgID, id)
+}
+
 func (module *module) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*dashboardtypes.Dashboard, error) {
 	return module.pkgDashboardModule.Get(ctx, orgID, id)
 }

ee/sqlstore/postgressqlstore/formatter.go

@@ -16,10 +16,11 @@ func newFormatter(dialect schema.Dialect) sqlstore.SQLFormatter {
 }
 
 func (f *formatter) JSONExtractString(column, path string) []byte {
-	var sql []byte
-	sql = f.bunf.AppendIdent(sql, column)
-	sql = append(sql, f.convertJSONPathToPostgres(path)...)
-	return sql
+	ops := f.convertJSONPathToPostgres(path)
+	if len(ops) == 0 {
+		return f.bunf.AppendIdent(nil, column)
+	}
+	return append(f.TextToJsonColumn(column), ops...)
 }
 
 func (f *formatter) JSONType(column, path string) []byte {

ee/sqlstore/postgressqlstore/formatter_test.go

@@ -18,19 +18,19 @@ func TestJSONExtractString(t *testing.T) {
 			name:     "simple path",
 			column:   "data",
 			path:     "$.field",
-			expected: `"data"->>'field'`,
+			expected: `"data"::jsonb->>'field'`,
 		},
 		{
 			name:     "nested path",
 			column:   "metadata",
 			path:     "$.user.name",
-			expected: `"metadata"->'user'->>'name'`,
+			expected: `"metadata"::jsonb->'user'->>'name'`,
 		},
 		{
 			name:     "deeply nested path",
 			column:   "json_col",
 			path:     "$.level1.level2.level3",
-			expected: `"json_col"->'level1'->'level2'->>'level3'`,
+			expected: `"json_col"::jsonb->'level1'->'level2'->>'level3'`,
 		},
 		{
 			name:     "root path",

ee/sqlstore/postgressqlstore/listfilter_test.go

@@ -0,0 +1,65 @@
+package postgressqlstore
+
+// Lives in this package (rather than the listfilter package) so it can use
+// the unexported newFormatter constructor without driving a real Postgres
+// connection. Covers the only listfilter cases whose emitted SQL differs
+// between SQLite and Postgres — the ones that go through JSONExtractString
+// (`name`, `description`). All other operators (=, !=, BETWEEN, LIKE, IN,
+// EXISTS, lower(...)) emit identical ANSI SQL on both dialects and are
+// covered by the SQLite tests in the listfilter package itself.
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+	"github.com/uptrace/bun/dialect/pgdialect"
+
+	"github.com/SigNoz/signoz/pkg/types/dashboardtypes/listfilter"
+)
+
+func TestListFilterCompile_Postgres(t *testing.T) {
+	f := newFormatter(pgdialect.New())
+
+	cases := []struct {
+		name     string
+		query    string
+		wantSQL  string
+		wantArgs []any
+	}{
+		{
+			name:     "name = uses Postgres -> / ->> chain",
+			query:    `name = 'overview'`,
+			wantSQL:  `"dashboard"."data"::jsonb->'spec'->'display'->>'name' = ?`,
+			wantArgs: []any{"overview"},
+		},
+		{
+			name:     "name CONTAINS — same JSON path, LIKE pattern",
+			query:    `name CONTAINS 'overview'`,
+			wantSQL:  `"dashboard"."data"::jsonb->'spec'->'display'->>'name' LIKE ?`,
+			wantArgs: []any{"%overview%"},
+		},
+		{
+			name:     "name ILIKE — LOWER wraps the JSON path",
+			query:    `name ILIKE 'Prod%'`,
+			wantSQL:  `lower("dashboard"."data"::jsonb->'spec'->'display'->>'name') LIKE LOWER(?)`,
+			wantArgs: []any{"Prod%"},
+		},
+		{
+			name:     "description = follows the same path shape",
+			query:    `description = 'd1'`,
+			wantSQL:  `"dashboard"."data"::jsonb->'spec'->'display'->>'description' = ?`,
+			wantArgs: []any{"d1"},
+		},
+	}
+
+	for _, c := range cases {
+		t.Run(c.name, func(t *testing.T) {
+			out, err := listfilter.Compile(c.query, f)
+			require.NoError(t, err)
+			require.NotNil(t, out)
+			assert.Equal(t, c.wantSQL, out.SQL)
+			assert.Equal(t, c.wantArgs, out.Args)
+		})
+	}
+}

frontend/src/AppRoutes/index.tsx

@@ -351,19 +351,18 @@ function App(): JSX.Element {
 				Sentry.init({
 					dsn: process.env.SENTRY_DSN,
 					tunnel: process.env.TUNNEL_URL,
-					environment: 'production',
+					environment: process.env.ENVIRONMENT,
+					release: process.env.VERSION,
 					integrations: [
+						// Kept for the `transaction` tag used in routing, even though
+						// tracing is disabled. Ref: https://github.com/SigNoz/platform-pod/issues/2393#issuecomment-4603658055
 						Sentry.browserTracingIntegration(),
 						Sentry.replayIntegration({
 							maskAllText: false,
 							blockAllMedia: false,
 						}),
 					],
-					// Performance Monitoring
-					tracesSampleRate: 1.0, //  Capture 100% of the transactions
-					// Set 'tracePropagationTargets' to control for which URLs distributed tracing should be enabled
-					tracePropagationTargets: [],
-					// Session Replay
+					tracesSampleRate: 0, // Ref: https://github.com/SigNoz/platform-pod/issues/2393#issuecomment-4603658055
 					replaysSessionSampleRate: 0.1, // This sets the sample rate at 10%. You may want to change it to 100% while in development and then sample at a lower rate in production.
 					replaysOnErrorSampleRate: 1.0, // If you're not already sampling the entire session, change the sample rate to 100% when sampling sessions where errors occur.
 					beforeSend(event) {

frontend/src/api/generated/services/cloudintegration/index.ts

@@ -36,6 +36,8 @@ import type {
 	GetService200,
 	GetServiceParams,
 	GetServicePathParameters,
+	ListAccountServicesMetadata200,
+	ListAccountServicesMetadataPathParameters,
 	ListAccounts200,
 	ListAccountsPathParameters,
 	ListServicesMetadata200,
@@ -631,6 +633,116 @@ export const useUpdateAccount = <
 > => {
 	return useMutation(getUpdateAccountMutationOptions(options));
 };
+/**
+ * This endpoint lists the services metadata for the specified account and cloud provider
+ * @summary List account services metadata
+ */
+export const listAccountServicesMetadata = (
+	{ cloudProvider, id }: ListAccountServicesMetadataPathParameters,
+	signal?: AbortSignal,
+) => {
+	return GeneratedAPIInstance<ListAccountServicesMetadata200>({
+		url: `/api/v1/cloud_integrations/${cloudProvider}/accounts/${id}/services`,
+		method: 'GET',
+		signal,
+	});
+};
+
+export const getListAccountServicesMetadataQueryKey = ({
+	cloudProvider,
+	id,
+}: ListAccountServicesMetadataPathParameters) => {
+	return [
+		`/api/v1/cloud_integrations/${cloudProvider}/accounts/${id}/services`,
+	] as const;
+};
+
+export const getListAccountServicesMetadataQueryOptions = <
+	TData = Awaited<ReturnType<typeof listAccountServicesMetadata>>,
+	TError = ErrorType<RenderErrorResponseDTO>,
+>(
+	{ cloudProvider, id }: ListAccountServicesMetadataPathParameters,
+	options?: {
+		query?: UseQueryOptions<
+			Awaited<ReturnType<typeof listAccountServicesMetadata>>,
+			TError,
+			TData
+		>;
+	},
+) => {
+	const { query: queryOptions } = options ?? {};
+
+	const queryKey =
+		queryOptions?.queryKey ??
+		getListAccountServicesMetadataQueryKey({ cloudProvider, id });
+
+	const queryFn: QueryFunction<
+		Awaited<ReturnType<typeof listAccountServicesMetadata>>
+	> = ({ signal }) => listAccountServicesMetadata({ cloudProvider, id }, signal);
+
+	return {
+		queryKey,
+		queryFn,
+		enabled: !!(cloudProvider && id),
+		...queryOptions,
+	} as UseQueryOptions<
+		Awaited<ReturnType<typeof listAccountServicesMetadata>>,
+		TError,
+		TData
+	> & { queryKey: QueryKey };
+};
+
+export type ListAccountServicesMetadataQueryResult = NonNullable<
+	Awaited<ReturnType<typeof listAccountServicesMetadata>>
+>;
+export type ListAccountServicesMetadataQueryError =
+	ErrorType<RenderErrorResponseDTO>;
+
+/**
+ * @summary List account services metadata
+ */
+
+export function useListAccountServicesMetadata<
+	TData = Awaited<ReturnType<typeof listAccountServicesMetadata>>,
+	TError = ErrorType<RenderErrorResponseDTO>,
+>(
+	{ cloudProvider, id }: ListAccountServicesMetadataPathParameters,
+	options?: {
+		query?: UseQueryOptions<
+			Awaited<ReturnType<typeof listAccountServicesMetadata>>,
+			TError,
+			TData
+		>;
+	},
+): UseQueryResult<TData, TError> & { queryKey: QueryKey } {
+	const queryOptions = getListAccountServicesMetadataQueryOptions(
+		{ cloudProvider, id },
+		options,
+	);
+
+	const query = useQuery(queryOptions) as UseQueryResult<TData, TError> & {
+		queryKey: QueryKey;
+	};
+
+	return { ...query, queryKey: queryOptions.queryKey };
+}
+
+/**
+ * @summary List account services metadata
+ */
+export const invalidateListAccountServicesMetadata = async (
+	queryClient: QueryClient,
+	{ cloudProvider, id }: ListAccountServicesMetadataPathParameters,
+	options?: InvalidateOptions,
+): Promise<QueryClient> => {
+	await queryClient.invalidateQueries(
+		{ queryKey: getListAccountServicesMetadataQueryKey({ cloudProvider, id }) },
+		options,
+	);
+
+	return queryClient;
+};
+
 /**
  * This endpoint updates a service for the specified cloud provider
  * @summary Update service

frontend/src/api/generated/services/sigNoz.schemas.ts

@@ -2457,33 +2457,6 @@ export interface CloudintegrationtypesAccountDTO {
 	updatedAt?: string;
 }
 
-export interface DashboardtypesStorableDashboardDataDTO {
-	[key: string]: unknown;
-}
-
-export interface CloudintegrationtypesDashboardDTO {
-	definition?: DashboardtypesStorableDashboardDataDTO;
-	/**
-	 * @type string
-	 */
-	description?: string;
-	/**
-	 * @type string
-	 */
-	id?: string;
-	/**
-	 * @type string
-	 */
-	title?: string;
-}
-
-export interface CloudintegrationtypesAssetsDTO {
-	/**
-	 * @type array,null
-	 */
-	dashboards?: CloudintegrationtypesDashboardDTO[] | null;
-}
-
 export interface CloudintegrationtypesAzureConnectionArtifactDTO {
 	/**
 	 * @type string
@@ -2866,6 +2839,54 @@ export interface CloudintegrationtypesPostableAgentCheckInDTO {
 	providerAccountId?: string;
 }
 
+export interface CloudintegrationtypesStorableIntegrationDashboardDTO {
+	/**
+	 * @type string
+	 * @format date-time
+	 */
+	createdAt: string;
+	/**
+	 * @type string
+	 */
+	dashboardId: string;
+	/**
+	 * @type string
+	 */
+	id: string;
+	/**
+	 * @type string
+	 */
+	provider: string;
+	/**
+	 * @type string
+	 */
+	slug: string;
+	/**
+	 * @type string
+	 * @format date-time
+	 */
+	updatedAt: string;
+}
+
+export interface CloudintegrationtypesServiceDashboardDTO {
+	/**
+	 * @type string
+	 */
+	description: string;
+	integrationDashboard?: CloudintegrationtypesStorableIntegrationDashboardDTO;
+	/**
+	 * @type string
+	 */
+	title: string;
+}
+
+export interface CloudintegrationtypesServiceAssetsDTO {
+	/**
+	 * @type array
+	 */
+	dashboards: CloudintegrationtypesServiceDashboardDTO[];
+}
+
 export interface CloudintegrationtypesSupportedSignalsDTO {
 	/**
 	 * @type boolean
@@ -2877,13 +2898,8 @@ export interface CloudintegrationtypesSupportedSignalsDTO {
 	metrics?: boolean;
 }
 
-export interface CloudintegrationtypesTelemetryCollectionStrategyDTO {
-	aws?: CloudintegrationtypesAWSTelemetryCollectionStrategyDTO;
-	azure?: CloudintegrationtypesAzureTelemetryCollectionStrategyDTO;
-}
-
 export interface CloudintegrationtypesServiceDTO {
-	assets: CloudintegrationtypesAssetsDTO;
+	assets: CloudintegrationtypesServiceAssetsDTO;
 	cloudIntegrationService: CloudintegrationtypesCloudIntegrationServiceDTO | null;
 	dataCollected: CloudintegrationtypesDataCollectedDTO;
 	/**
@@ -2899,7 +2915,6 @@ export interface CloudintegrationtypesServiceDTO {
 	 */
 	overview: string;
 	supportedSignals: CloudintegrationtypesSupportedSignalsDTO;
-	telemetryCollectionStrategy: CloudintegrationtypesTelemetryCollectionStrategyDTO;
 	/**
 	 * @type string
 	 */
@@ -3705,6 +3720,10 @@ export interface DashboardtypesCustomVariableSpecDTO {
 	customValue: string;
 }
 
+export interface DashboardtypesStorableDashboardDataDTO {
+	[key: string]: unknown;
+}
+
 export enum DashboardtypesSourceDTO {
 	user = 'user',
 	system = 'system',
@@ -4568,6 +4587,54 @@ export interface DashboardtypesDashboardSpecDTO {
 	variables?: DashboardtypesVariableDTO[];
 }
 
+export enum DashboardtypesListOrderDTO {
+	asc = 'asc',
+	desc = 'desc',
+}
+export enum DashboardtypesListSortDTO {
+	updated_at = 'updated_at',
+	created_at = 'created_at',
+	name = 'name',
+}
+export interface DashboardtypesDashboardViewDataDTO {
+	order?: DashboardtypesListOrderDTO;
+	/**
+	 * @type string
+	 */
+	query?: string;
+	sort?: DashboardtypesListSortDTO;
+	/**
+	 * @type string
+	 */
+	version: string;
+}
+
+export interface DashboardtypesDashboardViewDTO {
+	/**
+	 * @type string
+	 * @format date-time
+	 */
+	createdAt?: string;
+	data: DashboardtypesDashboardViewDataDTO;
+	/**
+	 * @type string
+	 */
+	id: string;
+	/**
+	 * @type string
+	 */
+	name: string;
+	/**
+	 * @type string
+	 */
+	orgId: string;
+	/**
+	 * @type string
+	 * @format date-time
+	 */
+	updatedAt?: string;
+}
+
 export enum DashboardtypesDatasourcePluginKindDTO {
 	'signoz/Datasource' = 'signoz/Datasource',
 }
@@ -4653,6 +4720,114 @@ export interface DashboardtypesGettablePublicDashboardDataDTO {
 	publicDashboard?: DashboardtypesGettablePublicDasbhboardDTO;
 }
 
+export enum DashboardtypesPatchOpDTO {
+	add = 'add',
+	remove = 'remove',
+	replace = 'replace',
+	move = 'move',
+	copy = 'copy',
+	test = 'test',
+}
+export interface DashboardtypesJSONPatchOperationDTO {
+	/**
+	 * @type string
+	 * @description Source JSON Pointer for move/copy ops; ignored for other ops.
+	 */
+	from?: string;
+	op: DashboardtypesPatchOpDTO;
+	/**
+	 * @type string
+	 * @description JSON Pointer (RFC 6901) into the dashboard's postable shape — e.g. /spec/display/name, /spec/panels/<id>, /spec/panels/<id>/spec/queries/0, /tags/-.
+	 */
+	path: string;
+	/**
+	 * @description Value to add/replace/test against. The expected type depends on the path. Common shapes (see referenced schemas for the exact field set): /spec/panels/<id> takes a DashboardtypesPanel; /spec/panels/<id>/spec/queries/N (or /-) takes a DashboardtypesQuery; /spec/variables/N takes a DashboardtypesVariable; /spec/layouts/N takes a DashboardtypesLayout; /tags/N (or /-) takes a TagtypesPostableTag; /spec/display/name and other leaf string fields take a string. Required for add/replace/test; ignored for remove/move/copy.
+	 */
+	value?: unknown;
+}
+
+export interface DashboardtypesListedDashboardV2SpecDTO {
+	display?: CommonDisplayDTO;
+}
+
+export interface DashboardtypesListedDashboardV2DTO {
+	/**
+	 * @type string
+	 * @format date-time
+	 */
+	createdAt?: string;
+	/**
+	 * @type string
+	 */
+	createdBy?: string;
+	/**
+	 * @type string
+	 */
+	id: string;
+	/**
+	 * @type string
+	 */
+	image?: string;
+	/**
+	 * @type boolean
+	 */
+	locked: boolean;
+	/**
+	 * @type string
+	 */
+	name: string;
+	/**
+	 * @type string
+	 */
+	orgId: string;
+	/**
+	 * @type boolean
+	 */
+	pinned: boolean;
+	/**
+	 * @type string
+	 */
+	schemaVersion: string;
+	source: DashboardtypesSourceDTO;
+	spec: DashboardtypesListedDashboardV2SpecDTO;
+	/**
+	 * @type array
+	 */
+	tags: TagtypesPostableTagDTO[];
+	/**
+	 * @type string
+	 * @format date-time
+	 */
+	updatedAt?: string;
+	/**
+	 * @type string
+	 */
+	updatedBy?: string;
+}
+
+export interface DashboardtypesListableDashboardV2DTO {
+	/**
+	 * @type array
+	 */
+	dashboards: DashboardtypesListedDashboardV2DTO[];
+	/**
+	 * @type array
+	 */
+	tags: TagtypesPostableTagDTO[];
+	/**
+	 * @type integer
+	 * @format int64
+	 */
+	total: number;
+}
+
+export interface DashboardtypesListableDashboardViewDTO {
+	/**
+	 * @type array
+	 */
+	views: DashboardtypesDashboardViewDTO[];
+}
+
 export enum DashboardtypesPanelPluginKindDTO {
 	'signoz/TimeSeriesPanel' = 'signoz/TimeSeriesPanel',
 	'signoz/BarChartPanel' = 'signoz/BarChartPanel',
@@ -4662,6 +4837,13 @@ export enum DashboardtypesPanelPluginKindDTO {
 	'signoz/HistogramPanel' = 'signoz/HistogramPanel',
 	'signoz/ListPanel' = 'signoz/ListPanel',
 }
+/**
+ * @nullable
+ */
+export type DashboardtypesPatchableDashboardV2DTO =
+	| DashboardtypesJSONPatchOperationDTO[]
+	| null;
+
 export interface DashboardtypesPostableDashboardV2DTO {
 	/**
 	 * @type boolean
@@ -4686,6 +4868,14 @@ export interface DashboardtypesPostableDashboardV2DTO {
 	tags: TagtypesPostableTagDTO[] | null;
 }
 
+export interface DashboardtypesPostableDashboardViewDTO {
+	data: DashboardtypesDashboardViewDataDTO;
+	/**
+	 * @type string
+	 */
+	name: string;
+}
+
 export interface DashboardtypesPostablePublicDashboardDTO {
 	/**
 	 * @type string
@@ -4705,6 +4895,26 @@ export enum DashboardtypesQueryPluginKindDTO {
 	'signoz/ClickHouseSQL' = 'signoz/ClickHouseSQL',
 	'signoz/TraceOperator' = 'signoz/TraceOperator',
 }
+export interface DashboardtypesUpdatableDashboardV2DTO {
+	/**
+	 * @type string
+	 */
+	image?: string;
+	/**
+	 * @type string
+	 */
+	name: string;
+	/**
+	 * @type string
+	 */
+	schemaVersion: string;
+	spec: DashboardtypesDashboardSpecDTO;
+	/**
+	 * @type array,null
+	 */
+	tags: TagtypesPostableTagDTO[] | null;
+}
+
 export interface DashboardtypesUpdatablePublicDashboardDTO {
 	/**
 	 * @type string
@@ -8623,6 +8833,18 @@ export type UpdateAccountPathParameters = {
 	cloudProvider: string;
 	id: string;
 };
+export type ListAccountServicesMetadataPathParameters = {
+	cloudProvider: string;
+	id: string;
+};
+export type ListAccountServicesMetadata200 = {
+	data: CloudintegrationtypesGettableServicesMetadataDTO;
+	/**
+	 * @type string
+	 */
+	status: string;
+};
+
 export type UpdateServicePathParameters = {
 	cloudProvider: string;
 	id: string;
@@ -9457,6 +9679,40 @@ export type GetUserPreference200 = {
 export type UpdateUserPreferencePathParameters = {
 	name: string;
 };
+export type ListDashboardsV2Params = {
+	/**
+	 * @type string
+	 * @description undefined
+	 */
+	query?: string;
+	/**
+	 * @description undefined
+	 */
+	sort?: DashboardtypesListSortDTO;
+	/**
+	 * @description undefined
+	 */
+	order?: DashboardtypesListOrderDTO;
+	/**
+	 * @type integer
+	 * @description undefined
+	 */
+	limit?: number;
+	/**
+	 * @type integer
+	 * @description undefined
+	 */
+	offset?: number;
+};
+
+export type ListDashboardsV2200 = {
+	data: DashboardtypesListableDashboardV2DTO;
+	/**
+	 * @type string
+	 */
+	status: string;
+};
+
 export type CreateDashboardV2201 = {
 	data: DashboardtypesGettableDashboardV2DTO;
 	/**
@@ -9465,6 +9721,9 @@ export type CreateDashboardV2201 = {
 	status: string;
 };
 
+export type DeleteDashboardV2PathParameters = {
+	id: string;
+};
 export type GetDashboardV2PathParameters = {
 	id: string;
 };
@@ -9476,6 +9735,70 @@ export type GetDashboardV2200 = {
 	status: string;
 };
 
+export type PatchDashboardV2PathParameters = {
+	id: string;
+};
+export type PatchDashboardV2200 = {
+	data: DashboardtypesGettableDashboardV2DTO;
+	/**
+	 * @type string
+	 */
+	status: string;
+};
+
+export type UpdateDashboardV2PathParameters = {
+	id: string;
+};
+export type UpdateDashboardV2200 = {
+	data: DashboardtypesGettableDashboardV2DTO;
+	/**
+	 * @type string
+	 */
+	status: string;
+};
+
+export type UnlockDashboardV2PathParameters = {
+	id: string;
+};
+export type LockDashboardV2PathParameters = {
+	id: string;
+};
+export type UnpinDashboardV2PathParameters = {
+	id: string;
+};
+export type PinDashboardV2PathParameters = {
+	id: string;
+};
+export type ListDashboardViews200 = {
+	data: DashboardtypesListableDashboardViewDTO;
+	/**
+	 * @type string
+	 */
+	status: string;
+};
+
+export type CreateDashboardView201 = {
+	data: DashboardtypesDashboardViewDTO;
+	/**
+	 * @type string
+	 */
+	status: string;
+};
+
+export type DeleteDashboardViewPathParameters = {
+	id: string;
+};
+export type UpdateDashboardViewPathParameters = {
+	id: string;
+};
+export type UpdateDashboardView200 = {
+	data: DashboardtypesDashboardViewDTO;
+	/**
+	 * @type string
+	 */
+	status: string;
+};
+
 export type GetFeatures200 = {
 	/**
 	 * @type array

frontend/src/container/Integrations/CloudIntegration/AmazonWebServices/ServiceDetails/ServiceDetails.tsx

@@ -8,16 +8,16 @@ import { Tabs } from '@signozhq/ui/tabs';
 import { Skeleton } from 'antd';
 import logEvent from 'api/common/logEvent';
 import {
-	getListServicesMetadataQueryKey,
+	getListAccountServicesMetadataQueryKey,
 	invalidateGetService,
-	invalidateListServicesMetadata,
+	invalidateListAccountServicesMetadata,
 	useGetService,
 	useUpdateService,
 } from 'api/generated/services/cloudintegration';
 import {
 	CloudintegrationtypesServiceConfigDTO,
 	CloudintegrationtypesServiceDTO,
-	ListServicesMetadata200,
+	ListAccountServicesMetadata200,
 } from 'api/generated/services/sigNoz.schemas';
 import CloudServiceDataCollected from 'components/CloudIntegrations/CloudServiceDataCollected/CloudServiceDataCollected';
 import { MarkdownRenderer } from 'components/MarkdownRenderer/MarkdownRenderer';
@@ -240,16 +240,12 @@ function ServiceDetails({
 							// instead of waiting for the refetch to complete.
 							reset(nextFormValues);
 
-							const servicesListQueryKey = getListServicesMetadataQueryKey(
-								{
-									cloudProvider: type,
-								},
-								{
-									cloud_integration_id: cloudAccountId,
-								},
-							);
+							const servicesListQueryKey = getListAccountServicesMetadataQueryKey({
+								cloudProvider: type,
+								id: cloudAccountId,
+							});
 
-							queryClient.setQueryData<ListServicesMetadata200 | undefined>(
+							queryClient.setQueryData<ListAccountServicesMetadata200 | undefined>(
 								servicesListQueryKey,
 								(prev) => {
 									if (!prev?.data?.services?.length) {
@@ -283,15 +279,10 @@ function ServiceDetails({
 								},
 							);
 
-							invalidateListServicesMetadata(
-								queryClient,
-								{
-									cloudProvider: type,
-								},
-								{
-									cloud_integration_id: cloudAccountId,
-								},
-							);
+							invalidateListAccountServicesMetadata(queryClient, {
+								cloudProvider: type,
+								id: cloudAccountId,
+							});
 
 							logEvent(`${type} Integration: Service settings saved`, {
 								cloudAccountId,

frontend/src/container/Integrations/CloudIntegration/AmazonWebServices/__tests__/mockData.ts

@@ -55,7 +55,6 @@ const buildServiceDetailsResponse = (
 				},
 			},
 		},
-		telemetryCollectionStrategy: { aws: {} },
 	},
 });
 

frontend/src/container/Integrations/CloudIntegration/ServiceDashboards/DashboardCard.tsx

@@ -0,0 +1,68 @@
+import type { KeyboardEvent, MouseEvent } from 'react';
+import { TooltipSimple } from '@signozhq/ui/tooltip';
+import { CloudintegrationtypesServiceDashboardDTO } from 'api/generated/services/sigNoz.schemas';
+import { useSafeNavigate } from 'hooks/useSafeNavigate';
+import { openInNewTab } from 'utils/navigation';
+
+const DISABLED_TOOLTIP =
+	'Enable metrics collection for this service to view this dashboard.';
+
+function DashboardCard({
+	dashboard,
+	isInteractive,
+}: {
+	dashboard: CloudintegrationtypesServiceDashboardDTO;
+	isInteractive: boolean;
+}): JSX.Element {
+	const dashboardId = dashboard.integrationDashboard?.dashboardId;
+	const isClickable = Boolean(dashboardId) && isInteractive;
+	const dashboardUrl = dashboardId ? `/dashboard/${dashboardId}` : '';
+
+	const { safeNavigate } = useSafeNavigate();
+
+	const interactiveProps = isClickable
+		? {
+				role: 'button',
+				tabIndex: 0,
+				onClick: (event: MouseEvent<HTMLDivElement>): void => {
+					if (event.metaKey || event.ctrlKey) {
+						openInNewTab(dashboardUrl);
+						return;
+					}
+					safeNavigate(dashboardUrl);
+				},
+				onKeyDown: (event: KeyboardEvent<HTMLDivElement>): void => {
+					if (event.key === 'Enter' || event.key === ' ') {
+						event.preventDefault();
+						safeNavigate(dashboardUrl);
+					}
+				},
+			}
+		: {};
+
+	const card = (
+		<div
+			className={`aws-service-dashboard-item ${
+				isClickable
+					? 'aws-service-dashboard-item-clickable'
+					: 'aws-service-dashboard-item-disabled'
+			} `}
+			{...interactiveProps}
+		>
+			<div className="aws-service-dashboard-item-content">
+				<div className="aws-service-dashboard-item-title">{dashboard.title}</div>
+				<div className="aws-service-dashboard-item-description">
+					{dashboard.description}
+				</div>
+			</div>
+		</div>
+	);
+
+	if (!dashboardId) {
+		return <TooltipSimple title={DISABLED_TOOLTIP}>{card}</TooltipSimple>;
+	}
+
+	return card;
+}
+
+export default DashboardCard;

frontend/src/container/Integrations/CloudIntegration/ServiceDashboards/ServiceDashboards.styles.scss

@@ -53,6 +53,11 @@
 				}
 			}
 
+			&.aws-service-dashboard-item-disabled {
+				cursor: not-allowed;
+				opacity: 0.6;
+			}
+
 			.aws-service-dashboard-item-content {
 				display: flex;
 				flex-direction: column;

frontend/src/container/Integrations/CloudIntegration/ServiceDashboards/ServiceDashboards.tsx

@@ -1,11 +1,9 @@
-/* eslint-disable sonarjs/cognitive-complexity */
 import {
-	CloudintegrationtypesDashboardDTO,
+	CloudintegrationtypesServiceDashboardDTO,
 	CloudintegrationtypesServiceDTO,
 } from 'api/generated/services/sigNoz.schemas';
-import { useSafeNavigate } from 'hooks/useSafeNavigate';
-import { withBasePath } from 'utils/basePath';
 
+import DashboardCard from './DashboardCard';
 import './ServiceDashboards.styles.scss';
 
 function ServiceDashboards({
@@ -16,7 +14,6 @@ function ServiceDashboards({
 	isInteractive?: boolean;
 }): JSX.Element {
 	const dashboards = service?.assets?.dashboards || [];
-	const { safeNavigate } = useSafeNavigate();
 	if (!dashboards.length) {
 		return <></>;
 	}
@@ -25,68 +22,20 @@ function ServiceDashboards({
 		<div className="aws-service-dashboards">
 			<div className="aws-service-dashboards-title">Dashboards</div>
 			<div className="aws-service-dashboards-items">
-				{dashboards.map((dashboard: CloudintegrationtypesDashboardDTO) => {
-					if (!dashboard.id) {
-						return null;
-					}
-
-					const dashboardUrl = `/dashboard/${dashboard.id}`;
-
-					return (
-						<div
-							key={dashboard.id}
-							className={`aws-service-dashboard-item ${
-								isInteractive ? 'aws-service-dashboard-item-clickable' : ''
-							}`}
-							role={isInteractive ? 'button' : undefined}
-							tabIndex={isInteractive ? 0 : -1}
-							onClick={(event): void => {
-								if (!isInteractive) {
-									return;
-								}
-								if (event.metaKey || event.ctrlKey) {
-									window.open(
-										withBasePath(dashboardUrl),
-										'_blank',
-										'noopener,noreferrer',
-									);
-									return;
-								}
-								safeNavigate(dashboardUrl);
-							}}
-							onAuxClick={(event): void => {
-								if (!isInteractive) {
-									return;
-								}
-								if (event.button === 1) {
-									window.open(
-										withBasePath(dashboardUrl),
-										'_blank',
-										'noopener,noreferrer',
-									);
-								}
-							}}
-							onKeyDown={(event): void => {
-								if (!isInteractive) {
-									return;
-								}
-								if (event.key === 'Enter' || event.key === ' ') {
-									event.preventDefault();
-									safeNavigate(dashboardUrl);
-								}
-							}}
-						>
-							<div className="aws-service-dashboard-item-content">
-								<div className="aws-service-dashboard-item-title">
-									{dashboard.title}
-								</div>
-								<div className="aws-service-dashboard-item-description">
-									{dashboard.description}
-								</div>
-							</div>
-						</div>
-					);
-				})}
+				{dashboards.map(
+					(dashboard: CloudintegrationtypesServiceDashboardDTO, index: number) => {
+						const key =
+							dashboard.integrationDashboard?.dashboardId ||
+							`${dashboard.title}-${index}`;
+						return (
+							<DashboardCard
+								key={key}
+								dashboard={dashboard}
+								isInteractive={isInteractive}
+							/>
+						);
+					},
+				)}
 			</div>
 		</div>
 	);

frontend/src/container/Integrations/CloudIntegration/ServicesList.tsx

@@ -1,7 +1,11 @@
 import { useCallback, useEffect, useMemo } from 'react';
 import { useNavigate } from 'react-router-dom-v5-compat';
 import { Skeleton } from 'antd';
-import { useListServicesMetadata } from 'api/generated/services/cloudintegration';
+import {
+	useListAccounts,
+	useListAccountServicesMetadata,
+	useListServicesMetadata,
+} from 'api/generated/services/cloudintegration';
 import type { CloudintegrationtypesServiceMetadataDTO } from 'api/generated/services/sigNoz.schemas';
 import cx from 'classnames';
 import { IntegrationType } from 'container/Integrations/types';
@@ -20,17 +24,33 @@ function ServicesList({
 }: ServicesListProps): JSX.Element {
 	const urlQuery = useUrlQuery();
 	const navigate = useNavigate();
-	const hasValidCloudAccountId = Boolean(cloudAccountId);
-	const serviceQueryParams = hasValidCloudAccountId
-		? { cloud_integration_id: cloudAccountId }
-		: undefined;
+	const isAccountConnected = Boolean(cloudAccountId);
+	const { data: listAccountsResponse, isLoading: isAccountsLoading } =
+		useListAccounts({ cloudProvider: type });
+	const hasConnectedAccounts =
+		(listAccountsResponse?.data?.accounts?.length ?? 0) > 0;
 
-	const { data: servicesMetadata, isLoading } = useListServicesMetadata(
-		{
-			cloudProvider: type,
-		},
-		serviceQueryParams,
-	);
+	const { data: accountServicesMetadata, isLoading: isAccountServicesLoading } =
+		useListAccountServicesMetadata(
+			{ cloudProvider: type, id: cloudAccountId },
+			{ query: { enabled: isAccountConnected } },
+		);
+
+	const {
+		data: providerServicesMetadata,
+		isLoading: isProviderServicesLoading,
+	} = useListServicesMetadata({ cloudProvider: type }, undefined, {
+		query: { enabled: !isAccountsLoading && !hasConnectedAccounts },
+	});
+
+	const servicesMetadata = hasConnectedAccounts
+		? accountServicesMetadata
+		: providerServicesMetadata;
+	const isLoading =
+		isAccountsLoading ||
+		(hasConnectedAccounts
+			? isAccountServicesLoading || !isAccountConnected
+			: isProviderServicesLoading);
 
 	const awsServices = useMemo(
 		() => servicesMetadata?.data?.services ?? [],

frontend/src/container/LogsExplorerViews/index.tsx

@@ -10,7 +10,7 @@ import {
 	useState,
 } from 'react';
 // eslint-disable-next-line no-restricted-imports
-import { useDispatch, useSelector } from 'react-redux';
+import { useSelector } from 'react-redux';
 import getFromLocalstorage from 'api/browser/localstorage/get';
 import setToLocalstorage from 'api/browser/localstorage/set';
 import logEvent from 'api/common/logEvent';
@@ -42,7 +42,6 @@ import useUrlQueryData from 'hooks/useUrlQueryData';
 import useUrlYAxisUnit from 'hooks/useUrlYAxisUnit';
 import { isEmpty, isUndefined } from 'lodash-es';
 import LiveLogs from 'pages/LiveLogs';
-import { UpdateTimeInterval } from 'store/actions';
 import { AppState } from 'store/reducers';
 import { Warning } from 'types/api';
 import { Dashboard } from 'types/api/dashboard/getAll';
@@ -77,7 +76,6 @@ function LogsExplorerViewsContainer({
 	handleChangeSelectedView: ChangeViewFunctionType;
 }): JSX.Element {
 	const { safeNavigate } = useSafeNavigate();
-	const dispatch = useDispatch();
 
 	const [showFrequencyChart, setShowFrequencyChart] = useState(
 		() => getFromLocalstorage(LOCALSTORAGE.SHOW_FREQUENCY_CHART) === 'true',
@@ -90,10 +88,9 @@ function LogsExplorerViewsContainer({
 		DEFAULT_PER_PAGE_VALUE,
 	);
 
-	const { minTime, maxTime, selectedTime } = useSelector<
-		AppState,
-		GlobalReducer
-	>((state) => state.globalTime);
+	const { minTime, maxTime } = useSelector<AppState, GlobalReducer>(
+		(state) => state.globalTime,
+	);
 
 	const currentMinTimeRef = useRef<number>(minTime);
 
@@ -329,16 +326,6 @@ function LogsExplorerViewsContainer({
 			currentMinTimeRef.current !== minTime ||
 			orderByChanged
 		) {
-			// Recalculate global time when query changes i.e. stage and run query clicked
-			if (
-				!!requestData?.id &&
-				stagedQuery?.id &&
-				requestData?.id !== stagedQuery?.id &&
-				selectedTime !== 'custom'
-			) {
-				dispatch(UpdateTimeInterval(selectedTime));
-			}
-
 			const newRequestData = getRequestData(stagedQuery, {
 				filters: listQuery?.filters || initialFilters,
 				filter: listQuery?.filter || { expression: '' },
@@ -360,8 +347,6 @@ function LogsExplorerViewsContainer({
 		minTime,
 		activeLogId,
 		selectedPanelType,
-		dispatch,
-		selectedTime,
 		maxTime,
 		orderBy,
 	]);

frontend/src/container/LogsExplorerViews/tests/LogsExplorerPagination.test.tsx

@@ -108,13 +108,21 @@ jest.mock('hooks/useSafeNavigate', () => ({
 	}),
 }));
 
-jest.mock(
-	'container/TopNav/DateTimeSelectionV2/index.tsx',
-	() =>
-		function MockDateTimeSelection(): JSX.Element {
-			return <div>MockDateTimeSelection</div>;
-		},
-);
+jest.mock('container/TopNav/DateTimeSelectionV2/index.tsx', () => {
+	const { useQueryBuilder } = jest.requireActual(
+		'hooks/queryBuilder/useQueryBuilder',
+	);
+	const { useSyncTimeOnStagedQueryChange } = jest.requireActual(
+		'hooks/queryBuilder/useSyncTimeOnStagedQueryChange',
+	);
+
+	return function MockDateTimeSelection(): JSX.Element {
+		const { stagedQuery } = useQueryBuilder();
+		useSyncTimeOnStagedQueryChange(stagedQuery?.id);
+		return <div>MockDateTimeSelection</div>;
+	};
+});
+
 jest.mock(
 	'container/LogsExplorerChart',
 	() =>

frontend/src/container/QueryBuilder/filters/QueryBuilderSearchV2/QueryBuilderSearchV2.styles.scss

@@ -233,8 +233,10 @@
 			background: var(--l1-background);
 			box-shadow: 0px 0px 8px 0px rgba(0, 0, 0, 0.1);
 			padding: 0px;
+			gap: 0;
+			margin: 4px;
 
-			.ant-typography {
+			.qb-tag-text {
 				color: var(--l1-foreground);
 				font-family: Inter;
 				font-size: 14px !important;
@@ -244,7 +246,7 @@
 				padding: 2px 6px;
 			}
 
-			.close-icon {
+			> button {
 				display: flex;
 				align-items: center;
 				justify-content: center;
@@ -259,26 +261,26 @@
 			&.resource {
 				border: 1px solid color-mix(in srgb, var(--bg-aqua-400) 13%, transparent);
 
-				.ant-typography {
+				.qb-tag-text {
 					color: var(--bg-aqua-400);
 					background: color-mix(in srgb, var(--bg-aqua-400) 6%, transparent);
 					font-size: 14px;
 				}
 
-				.close-icon {
+				> button {
 					background: color-mix(in srgb, var(--bg-aqua-400) 6%, transparent);
 				}
 			}
 			&.tag {
 				border: 1px solid color-mix(in srgb, var(--bg-sienna-400) 20%, transparent);
 
-				.ant-typography {
+				.qb-tag-text {
 					color: var(--bg-sienna-400);
 					background: color-mix(in srgb, var(--bg-sienna-400) 10%, transparent);
 					font-size: 14px;
 				}
 
-				.close-icon {
+				> button {
 					background: color-mix(in srgb, var(--bg-sienna-400) 10%, transparent);
 				}
 			}
@@ -286,13 +288,13 @@
 			&.scope {
 				border: 1px solid color-mix(in srgb, var(--bg-robin-400) 20%, transparent);
 
-				.ant-typography {
+				.qb-tag-text {
 					color: var(--bg-robin-400);
 					background: color-mix(in srgb, var(--bg-robin-400) 10%, transparent);
 					font-size: 14px;
 				}
 
-				.close-icon {
+				> button {
 					background: color-mix(in srgb, var(--bg-robin-400) 10%, transparent);
 				}
 			}

frontend/src/container/QueryBuilder/filters/QueryBuilderSearchV2/QueryBuilderSearchV2.tsx

@@ -966,6 +966,7 @@ function QueryBuilderSearchV2(
 				>
 					<Tooltip title={chipValue}>
 						<TypographyText
+							className="qb-tag-text"
 							$isInNin={isInNin}
 							$isEnabled={!!searchValue}
 							onClick={(): void => {

frontend/src/container/TopNav/DateTimeSelectionV2/index.tsx

@@ -19,6 +19,7 @@ import {
 	useIsGlobalTimeQueryRefreshing,
 } from 'store/globalTime';
 import { useQueryBuilder } from 'hooks/queryBuilder/useQueryBuilder';
+import { useSyncTimeOnStagedQueryChange } from 'hooks/queryBuilder/useSyncTimeOnStagedQueryChange';
 import { useSafeNavigate } from 'hooks/useSafeNavigate';
 import { isValidShortHandDateTimeFormat } from 'lib/getMinMax';
 import getTimeString from 'lib/getTimeString';
@@ -187,6 +188,8 @@ function DateTimeSelection({
 
 	const { stagedQuery, currentQuery, initQueryBuilderData } = useQueryBuilder();
 
+	useSyncTimeOnStagedQueryChange(stagedQuery?.id);
+
 	const getInputLabel = (
 		startTime?: Dayjs,
 		endTime?: Dayjs,

frontend/src/hooks/queryBuilder/__tests__/useSyncTimeOnStagedQueryChange.test.ts

@@ -0,0 +1,139 @@
+import { renderHook } from '@testing-library/react';
+// eslint-disable-next-line no-restricted-imports
+import { useSelector } from 'react-redux';
+import { UpdateTimeInterval } from 'store/actions';
+
+import { useSyncTimeOnStagedQueryChange } from '../useSyncTimeOnStagedQueryChange';
+
+const mockDispatch = jest.fn();
+
+jest.mock('react-redux', () => ({
+	useDispatch: (): jest.Mock => mockDispatch,
+	useSelector: jest.fn(),
+}));
+
+jest.mock('store/actions', () => ({
+	UpdateTimeInterval: jest.fn((time: string) => ({
+		type: 'UPDATE_TIME_INTERVAL_THUNK',
+		payload: time,
+	})),
+}));
+
+const mockedUseSelector = useSelector as jest.Mock;
+const mockedUpdateTimeInterval = UpdateTimeInterval as unknown as jest.Mock;
+
+const setSelectedTime = (value: string): void => {
+	mockedUseSelector.mockImplementation(
+		(selector: (state: { globalTime: { selectedTime: string } }) => unknown) =>
+			selector({ globalTime: { selectedTime: value } }),
+	);
+};
+
+describe('useSyncTimeOnStagedQueryChange', () => {
+	beforeEach(() => {
+		jest.clearAllMocks();
+		setSelectedTime('1h');
+	});
+
+	it('does not dispatch on initial mount when stagedQueryId is undefined', () => {
+		renderHook(() => useSyncTimeOnStagedQueryChange(undefined));
+		expect(mockDispatch).not.toHaveBeenCalled();
+	});
+
+	it('does not dispatch on initial mount when stagedQueryId is already defined', () => {
+		renderHook(() => useSyncTimeOnStagedQueryChange('initial-id'));
+		expect(mockDispatch).not.toHaveBeenCalled();
+	});
+
+	it('does not dispatch when stagedQueryId transitions from undefined to defined (first staged query arriving)', () => {
+		const { rerender } = renderHook(
+			({ id }: { id: string | undefined }) => useSyncTimeOnStagedQueryChange(id),
+			{ initialProps: { id: undefined as string | undefined } },
+		);
+
+		rerender({ id: 'first-id' });
+
+		expect(mockDispatch).not.toHaveBeenCalled();
+	});
+
+	it('dispatches UpdateTimeInterval with current selectedTime when stagedQueryId changes', () => {
+		const { rerender } = renderHook(
+			({ id }: { id: string | undefined }) => useSyncTimeOnStagedQueryChange(id),
+			{ initialProps: { id: 'first-id' as string | undefined } },
+		);
+
+		expect(mockDispatch).not.toHaveBeenCalled();
+
+		rerender({ id: 'second-id' });
+
+		expect(mockedUpdateTimeInterval).toHaveBeenCalledTimes(1);
+		expect(mockedUpdateTimeInterval).toHaveBeenCalledWith('1h');
+		expect(mockDispatch).toHaveBeenCalledTimes(1);
+		expect(mockDispatch).toHaveBeenCalledWith({
+			type: 'UPDATE_TIME_INTERVAL_THUNK',
+			payload: '1h',
+		});
+	});
+
+	it('does not dispatch when selectedTime is "custom" even if stagedQueryId changes', () => {
+		setSelectedTime('custom');
+
+		const { rerender } = renderHook(
+			({ id }: { id: string | undefined }) => useSyncTimeOnStagedQueryChange(id),
+			{ initialProps: { id: 'first-id' as string | undefined } },
+		);
+
+		rerender({ id: 'second-id' });
+
+		expect(mockDispatch).not.toHaveBeenCalled();
+		expect(mockedUpdateTimeInterval).not.toHaveBeenCalled();
+	});
+
+	it('does not dispatch when only selectedTime changes (stagedQueryId stable)', () => {
+		const { rerender } = renderHook(
+			({ id }: { id: string | undefined }) => useSyncTimeOnStagedQueryChange(id),
+			{ initialProps: { id: 'stable-id' as string | undefined } },
+		);
+
+		setSelectedTime('5m');
+		rerender({ id: 'stable-id' });
+
+		expect(mockDispatch).not.toHaveBeenCalled();
+	});
+
+	it('dispatches once per distinct stagedQueryId change', () => {
+		const { rerender } = renderHook(
+			({ id }: { id: string | undefined }) => useSyncTimeOnStagedQueryChange(id),
+			{ initialProps: { id: 'a' as string | undefined } },
+		);
+
+		rerender({ id: 'b' });
+		rerender({ id: 'c' });
+		rerender({ id: 'c' }); // no change — should not dispatch again
+
+		expect(mockDispatch).toHaveBeenCalledTimes(2);
+	});
+
+	it('does not dispatch when stagedQueryId transitions from defined to undefined', () => {
+		const { rerender } = renderHook(
+			({ id }: { id: string | undefined }) => useSyncTimeOnStagedQueryChange(id),
+			{ initialProps: { id: 'first-id' as string | undefined } },
+		);
+
+		rerender({ id: undefined });
+
+		expect(mockDispatch).not.toHaveBeenCalled();
+	});
+
+	it('uses the latest selectedTime at the moment of stagedQueryId change', () => {
+		const { rerender } = renderHook(
+			({ id }: { id: string | undefined }) => useSyncTimeOnStagedQueryChange(id),
+			{ initialProps: { id: 'a' as string | undefined } },
+		);
+
+		setSelectedTime('15m');
+		rerender({ id: 'b' });
+
+		expect(mockedUpdateTimeInterval).toHaveBeenCalledWith('15m');
+	});
+});

frontend/src/hooks/queryBuilder/useSyncTimeOnStagedQueryChange.ts

@@ -0,0 +1,36 @@
+import { useEffect, useRef } from 'react';
+// eslint-disable-next-line no-restricted-imports
+import { useDispatch, useSelector } from 'react-redux';
+import { UpdateTimeInterval } from 'store/actions';
+import { AppState } from 'store/reducers';
+import { GlobalReducer } from 'types/reducer/globalTime';
+
+// Push fresh min/max back into Redux whenever the staged query changes for a
+// relative time interval. The data hooks that read minTime/maxTime from Redux
+// otherwise keep refetching with the originally frozen window and the time
+// picker displays a stale absolute range.
+// ref - SigNoz/signoz#8277
+export function useSyncTimeOnStagedQueryChange(
+	stagedQueryId: string | undefined,
+): void {
+	const dispatch = useDispatch();
+	const selectedTime = useSelector<AppState, GlobalReducer['selectedTime']>(
+		(state) => state.globalTime.selectedTime,
+	);
+	const prevStagedQueryIdRef = useRef<string | undefined>();
+
+	useEffect(() => {
+		const prevId = prevStagedQueryIdRef.current;
+		const currentId = stagedQueryId;
+		prevStagedQueryIdRef.current = currentId;
+
+		if (
+			prevId !== undefined &&
+			currentId !== undefined &&
+			prevId !== currentId &&
+			selectedTime !== 'custom'
+		) {
+			dispatch(UpdateTimeInterval(selectedTime));
+		}
+	}, [stagedQueryId, selectedTime, dispatch]);
+}

frontend/src/pages/TraceDetailsV3/TraceWaterfall/AddSpanToFunnelModal/AddSpanToFunnelModal.module.scss

@@ -119,6 +119,7 @@
 	gap: 12px;
 	margin-bottom: 14px;
 	align-items: center;
+	background: var(--l3-background);
 }
 
 .searchInput {
@@ -126,16 +127,13 @@
 	padding: 6px 8px;
 	background: var(--l3-background);
 
-	:global(.ant-input-prefix) {
-		height: 18px;
-		margin-inline-end: 6px;
+	height: 18px;
+	margin-inline-end: 6px;
 
-		svg {
-			opacity: 0.4;
-		}
+	svg {
+		opacity: 0.4;
 	}
 
-	&,
 	input {
 		font-size: 14px;
 		line-height: 18px;

frontend/src/pages/WorkspaceLocked/WorkspaceLocked.tsx

@@ -53,20 +53,20 @@ export default function WorkspaceBlocked(): JSX.Element {
 	const { t } = useTranslation(['workspaceLocked']);
 
 	useEffect((): void => {
-		logEvent('Workspace Blocked: Screen Viewed', {});
+		void logEvent('Workspace Blocked: Screen Viewed', {});
 	}, []);
 
 	const handleContactUsClick = (): void => {
-		logEvent('Workspace Blocked: Contact Us Clicked', {});
+		void logEvent('Workspace Blocked: Contact Us Clicked', {});
 	};
 
 	const handleTabClick = (key: string): void => {
-		logEvent('Workspace Blocked: Screen Tabs Clicked', { tabKey: key });
+		void logEvent('Workspace Blocked: Screen Tabs Clicked', { tabKey: key });
 	};
 
 	const handleCollapseChange = (key: string | string[]): void => {
 		const lastKey = Array.isArray(key) ? key.slice(-1)[0] : key;
-		logEvent('Workspace Blocked: Screen Tab FAQ Item Clicked', {
+		void logEvent('Workspace Blocked: Screen Tab FAQ Item Clicked', {
 			panelKey: lastKey,
 		});
 	};
@@ -109,7 +109,7 @@ export default function WorkspaceBlocked(): JSX.Element {
 	);
 
 	const handleUpdateCreditCard = useCallback(async () => {
-		logEvent('Workspace Blocked: User Clicked Update Credit Card', {});
+		void logEvent('Workspace Blocked: User Clicked Update Credit Card', {});
 
 		updateCreditCard({
 			url: getBaseUrl(),
@@ -117,7 +117,7 @@ export default function WorkspaceBlocked(): JSX.Element {
 	}, [updateCreditCard]);
 
 	const handleExtendTrial = (): void => {
-		logEvent('Workspace Blocked: User Clicked Extend Trial', {});
+		void logEvent('Workspace Blocked: User Clicked Extend Trial', {});
 
 		notifications.info({
 			message: t('extendTrial'),
@@ -133,7 +133,7 @@ export default function WorkspaceBlocked(): JSX.Element {
 	};
 
 	const handleViewBilling = (e?: React.MouseEvent): void => {
-		logEvent('Workspace Blocked: User Clicked View Billing', {});
+		void logEvent('Workspace Blocked: User Clicked View Billing', {});
 
 		safeNavigate(ROUTES.BILLING, { newTab: !!e && isModifierKeyPressed(e) });
 	};

frontend/src/pages/WorkspaceSuspended/WorkspaceSuspended.tsx

@@ -6,14 +6,12 @@ import { Typography } from '@signozhq/ui/typography';
 import manageCreditCardApi from 'api/v1/portal/create';
 import RefreshPaymentStatus from 'components/RefreshPaymentStatus/RefreshPaymentStatus';
 import ROUTES from 'constants/routes';
-import dayjs from 'dayjs';
 import { useNotifications } from 'hooks/useNotifications';
 import history from 'lib/history';
 import { useAppContext } from 'providers/App/App';
 import APIError from 'types/api/error';
 import { LicensePlatform, LicenseState } from 'types/api/licensesV3/getActive';
 import { getBaseUrl } from 'utils/basePath';
-import { getFormattedDateWithMinutes } from 'utils/timeUtils';
 
 import featureGraphicCorrelationUrl from '@/assets/Images/feature-graphic-correlation.svg';
 
@@ -109,15 +107,6 @@ function WorkspaceSuspended(): JSX.Element {
 										</Typography.Title>
 										<Typography.Text className="workspace-suspended__details">
 											{t('actionDescription')}
-											<br />
-											{t('yourDataIsSafe')}{' '}
-											<span className="workspace-suspended__details__highlight">
-												{getFormattedDateWithMinutes(
-													dayjs(activeLicense?.event_queue?.scheduled_at).unix() ||
-														Date.now(),
-												)}
-											</span>{' '}
-											{t('actNow')}
 										</Typography.Text>
 									</Space>
 								</Col>

frontend/src/vite-env.d.ts

@@ -24,6 +24,8 @@ interface ImportMetaEnv {
 	readonly VITE_TUNNEL_URL: string;
 	readonly VITE_TUNNEL_DOMAIN: string;
 	readonly VITE_DOCS_BASE_URL: string;
+	readonly VITE_ENVIRONMENT: string;
+	readonly VITE_VERSION: string;
 }
 
 interface ImportMeta {

frontend/vite.config.ts

@@ -82,11 +82,20 @@ export default defineConfig(({ mode }): UserConfig => {
 	];
 
 	if (env.VITE_SENTRY_AUTH_TOKEN) {
+		// Refuse to upload sourcemaps without an explicit version.
+		if (!env.VITE_VERSION) {
+			throw new Error(
+				'VITE_VERSION must be set to upload sourcemaps to Sentry; refusing to upload without a matching release.',
+			);
+		}
 		plugins.push(
 			sentryVitePlugin({
 				authToken: env.VITE_SENTRY_AUTH_TOKEN,
 				org: env.VITE_SENTRY_ORG,
 				project: env.VITE_SENTRY_PROJECT_ID,
+				// Pin the sourcemap-upload release to the same value injected as
+				// process.env.VERSION so uploaded sourcemaps resolve. Ref: platform-pod#2393
+				release: { name: env.VITE_VERSION },
 			}),
 		);
 	}
@@ -155,6 +164,8 @@ export default defineConfig(({ mode }): UserConfig => {
 			'process.env.TUNNEL_URL': JSON.stringify(env.VITE_TUNNEL_URL),
 			'process.env.TUNNEL_DOMAIN': JSON.stringify(env.VITE_TUNNEL_DOMAIN),
 			'process.env.DOCS_BASE_URL': JSON.stringify(env.VITE_DOCS_BASE_URL),
+			'process.env.ENVIRONMENT': JSON.stringify(env.VITE_ENVIRONMENT),
+			'process.env.VERSION': JSON.stringify(env.VITE_VERSION),
 		},
 		// In production, use relative paths so assets work with any base path injected by the backend.
 		// In dev, use the configured base path for proper HMR and routing.

go.mod

@@ -18,6 +18,7 @@ require (
 	github.com/dgraph-io/ristretto/v2 v2.3.0
 	github.com/dustin/go-humanize v1.0.1
 	github.com/emersion/go-smtp v0.24.0
+	github.com/evanphx/json-patch/v5 v5.9.11
 	github.com/gin-gonic/gin v1.11.0
 	github.com/go-co-op/gocron v1.30.1
 	github.com/go-openapi/runtime v0.29.2

go.sum

@@ -311,6 +311,8 @@ github.com/envoyproxy/go-control-plane/envoy v1.37.0/go.mod h1:DReE9MMrmecPy+YvQ
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
 github.com/envoyproxy/protoc-gen-validate v1.3.3 h1:MVQghNeW+LZcmXe7SY1V36Z+WFMDjpqGAGacLe2T0ds=
 github.com/envoyproxy/protoc-gen-validate v1.3.3/go.mod h1:TsndJ/ngyIdQRhMcVVGDDHINPLWB7C82oDArY51KfB0=
+github.com/evanphx/json-patch/v5 v5.9.11 h1:/8HVnzMq13/3x9TPvjG08wUGqBTmZBsCWzjTM0wiaDU=
+github.com/evanphx/json-patch/v5 v5.9.11/go.mod h1:3j+LviiESTElxA4p3EMKAB9HXj3/XEtnUf6OZxqIQTM=
 github.com/facette/natsort v0.0.0-20181210072756-2cd4dd1e2dcb h1:IT4JYU7k4ikYg1SCxNI1/Tieq/NFvh6dzLdgi7eu0tM=
 github.com/facette/natsort v0.0.0-20181210072756-2cd4dd1e2dcb/go.mod h1:bH6Xx7IW64qjjJq8M2u4dxNaBiDfKK+z/3eGDpXEQhc=
 github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=

pkg/apiserver/signozapiserver/cloudintegration.go

@@ -151,6 +151,26 @@ func (provider *provider) addCloudIntegrationRoutes(router *mux.Router) error {
 		return err
 	}
 
+	if err := router.Handle("/api/v1/cloud_integrations/{cloud_provider}/accounts/{id}/services", handler.New(
+		provider.authzMiddleware.AdminAccess(provider.cloudIntegrationHandler.ListAccountServicesMetadata),
+		handler.OpenAPIDef{
+			ID:                  "ListAccountServicesMetadata",
+			Tags:                []string{"cloudintegration"},
+			Summary:             "List account services metadata",
+			Description:         "This endpoint lists the services metadata for the specified account and cloud provider",
+			Request:             nil,
+			RequestContentType:  "",
+			Response:            new(citypes.GettableServicesMetadata),
+			ResponseContentType: "application/json",
+			SuccessStatusCode:   http.StatusOK,
+			ErrorStatusCodes:    []int{},
+			Deprecated:          false,
+			SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
+		},
+	)).Methods(http.MethodGet).GetError(); err != nil {
+		return err
+	}
+
 	if err := router.Handle("/api/v1/cloud_integrations/{cloud_provider}/services/{service_id}", handler.New(
 		provider.authzMiddleware.AdminAccess(provider.cloudIntegrationHandler.GetService),
 		handler.OpenAPIDef{

pkg/apiserver/signozapiserver/dashboard.go

@@ -14,6 +14,93 @@ import (
 )
 
 func (provider *provider) addDashboardRoutes(router *mux.Router) error {
+	// Saved-view routes are registered before `/api/v2/dashboards/{id}` so the
+	// literal `views` segment isn't swallowed by the `{id}` pattern.
+	if err := router.Handle("/api/v2/dashboards/views", handler.New(provider.authzMiddleware.ViewAccess(provider.dashboardHandler.ListViews), handler.OpenAPIDef{
+		ID:                  "ListDashboardViews",
+		Tags:                []string{"dashboard"},
+		Summary:             "List dashboard saved views",
+		Description:         "Returns every saved view in the calling user's org. Saved views are shared org-wide; any user may read, create, edit, and delete any view.",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            new(dashboardtypes.ListableDashboardView),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusOK,
+		ErrorStatusCodes:    []int{},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
+	})).Methods(http.MethodGet).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v2/dashboards/views", handler.New(provider.authzMiddleware.ViewAccess(provider.dashboardHandler.CreateView), handler.OpenAPIDef{
+		ID:                  "CreateDashboardView",
+		Tags:                []string{"dashboard"},
+		Summary:             "Create dashboard saved view",
+		Description:         "Persists the calling user's dashboard listing state (query, sort, order) as a named, reusable view shared across the org.",
+		Request:             new(dashboardtypes.PostableDashboardView),
+		RequestContentType:  "application/json",
+		Response:            new(dashboardtypes.GettableDashboardView),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusCreated,
+		ErrorStatusCodes:    []int{http.StatusBadRequest},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
+	})).Methods(http.MethodPost).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v2/dashboards/views/{id}", handler.New(provider.authzMiddleware.ViewAccess(provider.dashboardHandler.UpdateView), handler.OpenAPIDef{
+		ID:                  "UpdateDashboardView",
+		Tags:                []string{"dashboard"},
+		Summary:             "Update dashboard saved view",
+		Description:         "Replaces a saved view's name and data. Saved views are shared org-wide; any user in the org may edit any view.",
+		Request:             new(dashboardtypes.UpdateableDashboardView),
+		RequestContentType:  "application/json",
+		Response:            new(dashboardtypes.GettableDashboardView),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusOK,
+		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
+	})).Methods(http.MethodPut).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v2/dashboards/views/{id}", handler.New(provider.authzMiddleware.ViewAccess(provider.dashboardHandler.DeleteView), handler.OpenAPIDef{
+		ID:                  "DeleteDashboardView",
+		Tags:                []string{"dashboard"},
+		Summary:             "Delete dashboard saved view",
+		Description:         "Removes a saved view. Saved views are shared org-wide; any user in the org may delete any view. Idempotent — deleting a non-existent view returns 404.",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            nil,
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusNoContent,
+		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
+	})).Methods(http.MethodDelete).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v2/dashboards", handler.New(provider.authzMiddleware.ViewAccess(provider.dashboardHandler.ListV2), handler.OpenAPIDef{
+		ID:                  "ListDashboardsV2",
+		Tags:                []string{"dashboard"},
+		Summary:             "List dashboards (v2)",
+		Description:         "Returns a page of v2-shape dashboards for the calling user's org. Supports a filter DSL (`query`), sort (`updated_at`/`created_at`/`name`), order (`asc`/`desc`), and offset-based pagination (`limit`/`offset`).",
+		Request:             new(dashboardtypes.ListDashboardsV2Params),
+		RequestContentType:  "application/json",
+		Response:            new(dashboardtypes.ListableDashboardV2),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusOK,
+		ErrorStatusCodes:    []int{http.StatusBadRequest},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
+	})).Methods(http.MethodGet).GetError(); err != nil {
+		return err
+	}
+
 	if err := router.Handle("/api/v2/dashboards", handler.New(provider.authzMiddleware.EditAccess(provider.dashboardHandler.CreateV2), handler.OpenAPIDef{
 		ID:                  "CreateDashboardV2",
 		Tags:                []string{"dashboard"},
@@ -24,9 +111,10 @@ func (provider *provider) addDashboardRoutes(router *mux.Router) error {
 		Response:            new(dashboardtypes.GettableDashboardV2),
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusCreated,
-		ErrorStatusCodes:    []int{},
-		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(types.RoleEditor),
+		// TODO: add http.StatusConflict once the dashboard name unique index is added.
+		ErrorStatusCodes: []int{http.StatusBadRequest},
+		Deprecated:       false,
+		SecuritySchemes:  newSecuritySchemes(types.RoleEditor),
 	})).Methods(http.MethodPost).GetError(); err != nil {
 		return err
 	}
@@ -41,13 +129,140 @@ func (provider *provider) addDashboardRoutes(router *mux.Router) error {
 		Response:            new(dashboardtypes.GettableDashboardV2),
 		ResponseContentType: "application/json",
 		SuccessStatusCode:   http.StatusOK,
-		ErrorStatusCodes:    []int{},
+		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
 		Deprecated:          false,
 		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
 	})).Methods(http.MethodGet).GetError(); err != nil {
 		return err
 	}
 
+	if err := router.Handle("/api/v2/dashboards/{id}", handler.New(provider.authzMiddleware.EditAccess(provider.dashboardHandler.UpdateV2), handler.OpenAPIDef{
+		ID:                  "UpdateDashboardV2",
+		Tags:                []string{"dashboard"},
+		Summary:             "Update dashboard (v2)",
+		Description:         "This endpoint updates a v2-shape dashboard's metadata, data, and tag set. Locked dashboards are rejected.",
+		Request:             new(dashboardtypes.UpdatableDashboardV2),
+		RequestContentType:  "application/json",
+		Response:            new(dashboardtypes.GettableDashboardV2),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusOK,
+		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleEditor),
+	})).Methods(http.MethodPut).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v2/dashboards/{id}", handler.New(provider.authzMiddleware.EditAccess(provider.dashboardHandler.PatchV2), handler.OpenAPIDef{
+		ID:          "PatchDashboardV2",
+		Tags:        []string{"dashboard"},
+		Summary:     "Patch dashboard (v2)",
+		Description: "This endpoint applies an RFC 6902 JSON Patch to a v2-shape dashboard. The patch is applied against the postable view of the dashboard (metadata, data, tags), so individual panels, queries, variables, layouts, or tags can be updated without re-sending the rest of the dashboard. Apply is lenient: `remove` on a missing path is a no-op (idempotent) and `add` creates any missing parent objects, rather than failing as strict RFC 6902 would. The resulting dashboard is still validated. Locked dashboards are rejected.",
+		Request:     new(dashboardtypes.PatchableDashboardV2),
+		// Strictly per RFC 6902 the content type is `application/json-patch+json`,
+		// but our OpenAPI generator only reflects schemas for content types it
+		// understands (application/json, form-urlencoded, multipart) — anything
+		// else degrades to `type: string`. Declaring application/json here keeps
+		// the array-of-ops schema visible to spec consumers; the runtime decoder
+		// parses JSON regardless of the request's actual Content-Type header.
+		RequestContentType:  "application/json",
+		Response:            new(dashboardtypes.GettableDashboardV2),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusOK,
+		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleEditor),
+	})).Methods(http.MethodPatch).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v2/dashboards/{id}", handler.New(provider.authzMiddleware.EditAccess(provider.dashboardHandler.DeleteV2), handler.OpenAPIDef{
+		ID:                  "DeleteDashboardV2",
+		Tags:                []string{"dashboard"},
+		Summary:             "Delete dashboard (v2)",
+		Description:         "This endpoint deletes a v2-shape dashboard along with its tag relations. Locked dashboards are rejected.",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            nil,
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusNoContent,
+		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleEditor),
+	})).Methods(http.MethodDelete).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v2/dashboards/{id}/lock", handler.New(provider.authzMiddleware.EditAccess(provider.dashboardHandler.LockV2), handler.OpenAPIDef{
+		ID:                  "LockDashboardV2",
+		Tags:                []string{"dashboard"},
+		Summary:             "Lock dashboard (v2)",
+		Description:         "This endpoint locks a v2-shape dashboard. Only the dashboard's creator or an org admin may lock or unlock.",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            nil,
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusNoContent,
+		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleEditor),
+	})).Methods(http.MethodPut).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v2/dashboards/{id}/lock", handler.New(provider.authzMiddleware.EditAccess(provider.dashboardHandler.UnlockV2), handler.OpenAPIDef{
+		ID:                  "UnlockDashboardV2",
+		Tags:                []string{"dashboard"},
+		Summary:             "Unlock dashboard (v2)",
+		Description:         "This endpoint unlocks a v2-shape dashboard. Only the dashboard's creator or an org admin may lock or unlock.",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            nil,
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusNoContent,
+		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleEditor),
+	})).Methods(http.MethodDelete).GetError(); err != nil {
+		return err
+	}
+
+	// ViewAccess: pinning only mutates the calling user's pin list, not the
+	// dashboard itself — anyone who can view a dashboard can bookmark it.
+	if err := router.Handle("/api/v2/dashboards/{id}/pins/me", handler.New(provider.authzMiddleware.ViewAccess(provider.dashboardHandler.PinV2), handler.OpenAPIDef{
+		ID:                  "PinDashboardV2",
+		Tags:                []string{"dashboard"},
+		Summary:             "Pin a dashboard for the current user (v2)",
+		Description:         "Pins the dashboard for the calling user. A user can pin at most 10 dashboards; pinning when at the limit returns 409. Re-pinning an already-pinned dashboard is a no-op success.",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            nil,
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusNoContent,
+		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound, http.StatusConflict},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
+	})).Methods(http.MethodPut).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v2/dashboards/{id}/pins/me", handler.New(provider.authzMiddleware.ViewAccess(provider.dashboardHandler.UnpinV2), handler.OpenAPIDef{
+		ID:                  "UnpinDashboardV2",
+		Tags:                []string{"dashboard"},
+		Summary:             "Unpin a dashboard for the current user (v2)",
+		Description:         "Removes the pin for the calling user. Idempotent — unpinning a dashboard that wasn't pinned still returns 204.",
+		Request:             nil,
+		RequestContentType:  "",
+		Response:            nil,
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusNoContent,
+		ErrorStatusCodes:    []int{http.StatusBadRequest},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
+	})).Methods(http.MethodDelete).GetError(); err != nil {
+		return err
+	}
+
 	if err := router.Handle("/api/v1/dashboards/{id}/public", handler.New(provider.authzMiddleware.AdminAccess(provider.dashboardHandler.CreatePublic), handler.OpenAPIDef{
 		ID:                  "CreatePublicDashboard",
 		Tags:                []string{"dashboard"},

pkg/modules/cloudintegration/cloudintegration.go

@@ -75,6 +75,7 @@ type Handler interface {
 	UpdateAccount(http.ResponseWriter, *http.Request)
 	DisconnectAccount(http.ResponseWriter, *http.Request)
 	ListServicesMetadata(http.ResponseWriter, *http.Request)
+	ListAccountServicesMetadata(http.ResponseWriter, *http.Request)
 	GetService(http.ResponseWriter, *http.Request)
 	UpdateService(http.ResponseWriter, *http.Request)
 	AgentCheckIn(http.ResponseWriter, *http.Request)

pkg/modules/cloudintegration/implcloudintegration/handler.go

@@ -276,6 +276,44 @@ func (handler *handler) ListServicesMetadata(rw http.ResponseWriter, r *http.Req
 	render.Success(rw, http.StatusOK, cloudintegrationtypes.NewGettableServicesMetadata(services))
 }
 
+func (handler *handler) ListAccountServicesMetadata(rw http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	provider, err := cloudintegrationtypes.NewCloudProvider(mux.Vars(r)["cloud_provider"])
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	accountID, err := valuer.NewUUID(mux.Vars(r)["id"])
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	// check if integration account exists and is not removed.
+	_, err = handler.module.GetConnectedAccount(ctx, valuer.MustNewUUID(claims.OrgID), accountID, provider)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	services, err := handler.module.ListServicesMetadata(ctx, valuer.MustNewUUID(claims.OrgID), provider, accountID)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	render.Success(rw, http.StatusOK, cloudintegrationtypes.NewGettableServicesMetadata(services))
+}
+
 func (handler *handler) GetService(rw http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
@@ -440,4 +478,3 @@ func (handler *handler) AgentCheckIn(rw http.ResponseWriter, r *http.Request) {
 
 	render.Success(rw, http.StatusOK, cloudintegrationtypes.NewGettableAgentCheckIn(provider, resp))
 }
-

pkg/modules/dashboard/dashboard.go

@@ -60,6 +60,28 @@ type Module interface {
 	CreateV2(ctx context.Context, orgID valuer.UUID, createdBy string, creator valuer.UUID, source dashboardtypes.Source, postable dashboardtypes.PostableDashboardV2) (*dashboardtypes.DashboardV2, error)
 
 	GetV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*dashboardtypes.DashboardV2, error)
+
+	ListV2(ctx context.Context, orgID valuer.UUID, userID valuer.UUID, params *dashboardtypes.ListDashboardsV2Params) (*dashboardtypes.ListableDashboardV2, error)
+
+	UpdateV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, updatable dashboardtypes.UpdatableDashboardV2) (*dashboardtypes.DashboardV2, error)
+
+	LockUnlockV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, isAdmin bool, lock bool) error
+
+	PatchV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, patch dashboardtypes.PatchableDashboardV2) (*dashboardtypes.DashboardV2, error)
+
+	PinV2(ctx context.Context, orgID valuer.UUID, userID valuer.UUID, id valuer.UUID) error
+
+	UnpinV2(ctx context.Context, userID valuer.UUID, id valuer.UUID) error
+
+	DeleteV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID) error
+
+	CreateView(ctx context.Context, orgID valuer.UUID, postable dashboardtypes.PostableDashboardView) (*dashboardtypes.DashboardView, error)
+
+	ListViews(ctx context.Context, orgID valuer.UUID) (*dashboardtypes.ListableDashboardView, error)
+
+	UpdateView(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updateable dashboardtypes.UpdateableDashboardView) (*dashboardtypes.DashboardView, error)
+
+	DeleteView(ctx context.Context, orgID valuer.UUID, id valuer.UUID) error
 }
 
 type Handler interface {
@@ -89,4 +111,28 @@ type Handler interface {
 	CreateV2(http.ResponseWriter, *http.Request)
 
 	GetV2(http.ResponseWriter, *http.Request)
+
+	ListV2(http.ResponseWriter, *http.Request)
+
+	UpdateV2(http.ResponseWriter, *http.Request)
+
+	LockV2(http.ResponseWriter, *http.Request)
+
+	UnlockV2(http.ResponseWriter, *http.Request)
+
+	PatchV2(http.ResponseWriter, *http.Request)
+
+	PinV2(http.ResponseWriter, *http.Request)
+
+	UnpinV2(http.ResponseWriter, *http.Request)
+
+	DeleteV2(http.ResponseWriter, *http.Request)
+
+	CreateView(http.ResponseWriter, *http.Request)
+
+	ListViews(http.ResponseWriter, *http.Request)
+
+	UpdateView(http.ResponseWriter, *http.Request)
+
+	DeleteView(http.ResponseWriter, *http.Request)
 }

pkg/modules/dashboard/impldashboard/store.go

@@ -2,10 +2,12 @@ package impldashboard
 
 import (
 	"context"
+	"strings"
 
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
 	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
+	"github.com/SigNoz/signoz/pkg/types/dashboardtypes/listfilter"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/uptrace/bun"
 )
@@ -63,6 +65,96 @@ func (store *store) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID)
 	return storableDashboard, nil
 }
 
+// ListV2 emits the joined dashboard ⨝ pinned_dashboard query the spec calls
+// for. Aliases:
+//
+//	dashboard         — the visitor expects this
+//	pinned_dashboard  AS pin  — only used inside this query
+//
+// Sort is "is_pinned DESC, <sort> <order>" so pinned dashboards float to the
+// top inside the requested ordering. Name-sort goes through the same
+// JSONExtractString path the visitor uses for name/description filtering.
+func (store *store) ListV2(
+	ctx context.Context,
+	orgID valuer.UUID,
+	userID valuer.UUID,
+	params *dashboardtypes.ListDashboardsV2Params,
+) ([]*dashboardtypes.DashboardListRow, int64, error) {
+	compiled, err := listfilter.Compile(params.Query, store.sqlstore.Formatter())
+	if err != nil {
+		return nil, 0, err
+	}
+	type listedRow struct {
+		*dashboardtypes.StorableDashboard `bun:",extend"`
+
+		IsPinned bool  `bun:"is_pinned"`
+		Total    int64 `bun:"total"`
+	}
+
+	rows := make([]*listedRow, 0)
+
+	q := store.sqlstore.
+		BunDB().
+		NewSelect().
+		Model(&rows).
+		ColumnExpr("dashboard.id, dashboard.org_id, dashboard.name, dashboard.data, dashboard.locked, dashboard.source, dashboard.created_at, dashboard.created_by, dashboard.updated_at, dashboard.updated_by").
+		ColumnExpr("CASE WHEN pin.user_id IS NOT NULL THEN 1 ELSE 0 END AS is_pinned").
+		ColumnExpr("COUNT(*) OVER () AS total").
+		Join("LEFT JOIN pinned_dashboard AS pin ON pin.user_id = ? AND pin.dashboard_id = dashboard.id", userID).
+		Where("dashboard.org_id = ?", orgID).
+		Where("dashboard.source != ?", dashboardtypes.SourceSystem)
+
+	if compiled != nil {
+		q = q.Where(compiled.SQL, compiled.Args...)
+	}
+
+	sortExpr, err := store.sortExprForListV2(params.Sort)
+	if err != nil {
+		return nil, 0, err
+	}
+	q = q.
+		OrderExpr("is_pinned DESC").
+		OrderExpr(sortExpr + " " + strings.ToUpper(params.Order.StringValue())).
+		Limit(params.Limit).
+		Offset(params.Offset)
+
+	if err := q.Scan(ctx); err != nil {
+		return nil, 0, err
+	}
+
+	// COUNT(*) OVER () is computed pre-LIMIT, so any returned row carries the
+	// full filter total. Empty result page => zero matches.
+	var total int64
+	if len(rows) > 0 {
+		total = rows[0].Total
+	}
+
+	out := make([]*dashboardtypes.DashboardListRow, len(rows))
+	for i, r := range rows {
+		out[i] = &dashboardtypes.DashboardListRow{
+			Dashboard: r.StorableDashboard,
+			Pinned:    r.IsPinned,
+		}
+	}
+	return out, total, nil
+}
+
+// sortExprForListV2 maps a sort enum to the SQL expression to plug into
+// ORDER BY. Title-sort routes through the SQLFormatter so it stays
+// dialect-aware (matches what listfilter/visitor does for the name filter).
+func (store *store) sortExprForListV2(sort dashboardtypes.ListSort) (string, error) {
+	switch sort {
+	case dashboardtypes.ListSortUpdatedAt:
+		return "dashboard.updated_at", nil
+	case dashboardtypes.ListSortCreatedAt:
+		return "dashboard.created_at", nil
+	case dashboardtypes.ListSortName:
+		return string(store.sqlstore.Formatter().JSONExtractString("dashboard.data", "$.spec.display.name")), nil
+	}
+	return "", errors.Newf(errors.TypeInvalidInput, dashboardtypes.ErrCodeDashboardListInvalid,
+		"unsupported sort field %q", sort)
+}
+
 func (store *store) GetPublic(ctx context.Context, dashboardID string) (*dashboardtypes.StorablePublicDashboard, error) {
 	storable := new(dashboardtypes.StorablePublicDashboard)
 	err := store.
@@ -153,7 +245,7 @@ func (store *store) ListPublic(ctx context.Context, orgID valuer.UUID) ([]*dashb
 func (store *store) Update(ctx context.Context, orgID valuer.UUID, storableDashboard *dashboardtypes.StorableDashboard) error {
 	_, err := store.
 		sqlstore.
-		BunDB().
+		BunDBCtx(ctx).
 		NewUpdate().
 		Model(storableDashboard).
 		WherePK().
@@ -217,3 +309,133 @@ func (store *store) RunInTx(ctx context.Context, cb func(ctx context.Context) er
 		return cb(ctx)
 	})
 }
+
+// PinForUser combines the count check, the existence check, and the upsert in
+// a single statement so the limit gate and the insert can't drift between two
+// round-trips.
+//
+//	pin exists? | count < 10? | WHERE passes?           | effect                            | rows
+//	------------|-------------|-------------------------|-----------------------------------|-----
+//	no          | yes         | yes (count branch)      | INSERT new row                    | 1
+//	no          | no          | no                      | nothing (limit hit)               | 0
+//	yes         | yes         | yes (count branch)      | INSERT → conflict → no-op UPDATE  | 1
+//	yes         | no          | yes (EXISTS OR branch)  | INSERT → conflict → no-op UPDATE  | 1
+//
+// rows = 0 is the only signal of a real limit hit.
+func (store *store) PinForUser(ctx context.Context, pd *dashboardtypes.PinnedDashboard) error {
+	res, err := store.sqlstore.BunDBCtx(ctx).NewRaw(`
+		INSERT INTO pinned_dashboard (user_id, dashboard_id, org_id, pinned_at)
+		SELECT ?, ?, ?, ?
+		WHERE (SELECT COUNT(*) FROM pinned_dashboard WHERE user_id = ?) < ?
+		   OR EXISTS (SELECT 1 FROM pinned_dashboard WHERE user_id = ? AND dashboard_id = ?)
+		ON CONFLICT (user_id, dashboard_id) DO UPDATE SET user_id = EXCLUDED.user_id
+	`,
+		pd.UserID, pd.DashboardID, pd.OrgID, pd.PinnedAt,
+		pd.UserID, dashboardtypes.MaxPinnedDashboardsPerUser,
+		pd.UserID, pd.DashboardID,
+	).Exec(ctx)
+	if err != nil {
+		return err
+	}
+	rows, err := res.RowsAffected()
+	if err != nil {
+		return err
+	}
+	if rows == 0 {
+		return errors.Newf(errors.TypeAlreadyExists, dashboardtypes.ErrCodePinnedDashboardLimitHit,
+			"cannot pin more than %d dashboards", dashboardtypes.MaxPinnedDashboardsPerUser)
+	}
+	return nil
+}
+
+func (store *store) UnpinForUser(ctx context.Context, userID valuer.UUID, dashboardID valuer.UUID) error {
+	_, err := store.sqlstore.BunDBCtx(ctx).
+		NewDelete().
+		Model((*dashboardtypes.PinnedDashboard)(nil)).
+		Where("user_id = ?", userID).
+		Where("dashboard_id = ?", dashboardID).
+		Exec(ctx)
+	return err
+}
+
+func (store *store) CreateDashboardView(ctx context.Context, view *dashboardtypes.DashboardView) error {
+	_, err := store.
+		sqlstore.
+		BunDBCtx(ctx).
+		NewInsert().
+		Model(view).
+		Exec(ctx)
+	if err != nil {
+		return store.sqlstore.WrapAlreadyExistsErrf(err, errors.CodeAlreadyExists, "dashboard view with id %s already exists", view.ID)
+	}
+	return nil
+}
+
+func (store *store) GetDashboardView(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*dashboardtypes.DashboardView, error) {
+	view := new(dashboardtypes.DashboardView)
+	err := store.
+		sqlstore.
+		BunDB().
+		NewSelect().
+		Model(view).
+		Where("id = ?", id).
+		Where("org_id = ?", orgID).
+		Scan(ctx)
+	if err != nil {
+		return nil, store.sqlstore.WrapNotFoundErrf(err, dashboardtypes.ErrCodeDashboardViewNotFound, "dashboard view with id %s doesn't exist", id)
+	}
+	return view, nil
+}
+
+func (store *store) ListDashboardViews(ctx context.Context, orgID valuer.UUID) ([]*dashboardtypes.DashboardView, error) {
+	views := make([]*dashboardtypes.DashboardView, 0)
+	err := store.
+		sqlstore.
+		BunDB().
+		NewSelect().
+		Model(&views).
+		Where("org_id = ?", orgID).
+		OrderExpr("updated_at DESC").
+		Scan(ctx)
+	if err != nil {
+		return nil, err
+	}
+	return views, nil
+}
+
+func (store *store) UpdateDashboardView(ctx context.Context, view *dashboardtypes.DashboardView) error {
+	res, err := store.
+		sqlstore.
+		BunDBCtx(ctx).
+		NewUpdate().
+		Model(view).
+		WherePK().
+		Where("org_id = ?", view.OrgID).
+		Exec(ctx)
+	if err != nil {
+		return err
+	}
+	rows, err := res.RowsAffected()
+	if err != nil {
+		return err
+	}
+	if rows == 0 {
+		return errors.Newf(errors.TypeNotFound, dashboardtypes.ErrCodeDashboardViewNotFound, "dashboard view with id %s doesn't exist", view.ID)
+	}
+	return nil
+}
+
+func (store *store) DeleteDashboardView(ctx context.Context, orgID valuer.UUID, id valuer.UUID) error {
+	_, err := store.
+		sqlstore.
+		BunDBCtx(ctx).
+		NewDelete().
+		Model(new(dashboardtypes.DashboardView)).
+		Where("id = ?", id).
+		Where("org_id = ?", orgID).
+		Exec(ctx)
+	if err != nil {
+		return store.sqlstore.WrapNotFoundErrf(err, dashboardtypes.ErrCodeDashboardViewNotFound, "dashboard view with id %s doesn't exist", id)
+	}
+	return nil
+}

pkg/modules/dashboard/impldashboard/v2_handler.go

@@ -9,6 +9,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/http/binding"
 	"github.com/SigNoz/signoz/pkg/http/render"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types/coretypes"
 	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/gorilla/mux"
@@ -41,6 +42,38 @@ func (handler *handler) CreateV2(rw http.ResponseWriter, r *http.Request) {
 	render.Success(rw, http.StatusCreated, dashboard.ToGettableDashboardV2())
 }
 
+func (handler *handler) ListV2(rw http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	orgID := valuer.MustNewUUID(claims.OrgID)
+	userID := valuer.MustNewUUID(claims.IdentityID())
+
+	params := new(dashboardtypes.ListDashboardsV2Params)
+	if err := binding.Query.BindQuery(r.URL.Query(), params); err != nil {
+		render.Error(rw, err)
+		return
+	}
+	if err := params.Validate(); err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	out, err := handler.module.ListV2(ctx, orgID, userID, params)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	render.Success(rw, http.StatusOK, out)
+}
+
 func (handler *handler) GetV2(rw http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
@@ -72,3 +105,211 @@ func (handler *handler) GetV2(rw http.ResponseWriter, r *http.Request) {
 
 	render.Success(rw, http.StatusOK, dashboard.ToGettableDashboardV2())
 }
+
+func (handler *handler) LockV2(rw http.ResponseWriter, r *http.Request) {
+	handler.lockUnlockV2(rw, r, true)
+}
+
+func (handler *handler) UnlockV2(rw http.ResponseWriter, r *http.Request) {
+	handler.lockUnlockV2(rw, r, false)
+}
+
+func (handler *handler) lockUnlockV2(rw http.ResponseWriter, r *http.Request, lock bool) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	orgID := valuer.MustNewUUID(claims.OrgID)
+
+	id := mux.Vars(r)["id"]
+	if id == "" {
+		render.Error(rw, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "id is missing in the path"))
+		return
+	}
+	dashboardID, err := valuer.NewUUID(id)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	isAdmin := false
+	selectors := []coretypes.Selector{
+		coretypes.TypeRole.MustSelector(authtypes.SigNozAdminRoleName),
+	}
+	err = handler.authz.CheckWithTupleCreation(
+		ctx,
+		claims,
+		orgID,
+		authtypes.Relation{Verb: coretypes.VerbAssignee},
+		coretypes.NewResourceRole(),
+		selectors,
+		selectors,
+	)
+	if err == nil {
+		isAdmin = true
+	}
+
+	if err := handler.module.LockUnlockV2(ctx, orgID, dashboardID, claims.Email, isAdmin, lock); err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	render.Success(rw, http.StatusNoContent, nil)
+}
+
+func (handler *handler) UpdateV2(rw http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	orgID := valuer.MustNewUUID(claims.OrgID)
+
+	id := mux.Vars(r)["id"]
+	if id == "" {
+		render.Error(rw, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "id is missing in the path"))
+		return
+	}
+	dashboardID, err := valuer.NewUUID(id)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	req := dashboardtypes.UpdatableDashboardV2{}
+	if err := binding.JSON.BindBody(r.Body, &req); err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	dashboard, err := handler.module.UpdateV2(ctx, orgID, dashboardID, claims.Email, req)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	render.Success(rw, http.StatusOK, dashboard.ToGettableDashboardV2())
+}
+
+func (handler *handler) PatchV2(rw http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	orgID := valuer.MustNewUUID(claims.OrgID)
+
+	id := mux.Vars(r)["id"]
+	if id == "" {
+		render.Error(rw, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "id is missing in the path"))
+		return
+	}
+	dashboardID, err := valuer.NewUUID(id)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	req := dashboardtypes.PatchableDashboardV2{}
+	if err := binding.JSON.BindBody(r.Body, &req); err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	dashboard, err := handler.module.PatchV2(ctx, orgID, dashboardID, claims.Email, req)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	render.Success(rw, http.StatusOK, dashboard.ToGettableDashboardV2())
+}
+
+func (handler *handler) PinV2(rw http.ResponseWriter, r *http.Request) {
+	handler.pinUnpinV2(rw, r, true)
+}
+
+func (handler *handler) UnpinV2(rw http.ResponseWriter, r *http.Request) {
+	handler.pinUnpinV2(rw, r, false)
+}
+
+func (handler *handler) pinUnpinV2(rw http.ResponseWriter, r *http.Request, pin bool) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	orgID := valuer.MustNewUUID(claims.OrgID)
+	userID := valuer.MustNewUUID(claims.IdentityID())
+
+	id := mux.Vars(r)["id"]
+	if id == "" {
+		render.Error(rw, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "id is missing in the path"))
+		return
+	}
+	dashboardID, err := valuer.NewUUID(id)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	if pin {
+		err = handler.module.PinV2(ctx, orgID, userID, dashboardID)
+	} else {
+		err = handler.module.UnpinV2(ctx, userID, dashboardID)
+	}
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	render.Success(rw, http.StatusNoContent, nil)
+}
+
+func (handler *handler) DeleteV2(rw http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	orgID := valuer.MustNewUUID(claims.OrgID)
+
+	id := mux.Vars(r)["id"]
+	if id == "" {
+		render.Error(rw, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "id is missing in the path"))
+		return
+	}
+	dashboardID, err := valuer.NewUUID(id)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	if err := handler.module.DeleteV2(ctx, orgID, dashboardID); err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	render.Success(rw, http.StatusNoContent, nil)
+}

pkg/modules/dashboard/impldashboard/v2_module.go

@@ -2,6 +2,7 @@ package impldashboard
 
 import (
 	"context"
+	"time"
 
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/types/coretypes"
@@ -42,6 +43,29 @@ func (m *module) CreateV2(ctx context.Context, orgID valuer.UUID, createdBy stri
 	return dashboard, nil
 }
 
+func (module *module) ListV2(ctx context.Context, orgID valuer.UUID, userID valuer.UUID, params *dashboardtypes.ListDashboardsV2Params) (*dashboardtypes.ListableDashboardV2, error) {
+	rows, total, err := module.store.ListV2(ctx, orgID, userID, params)
+	if err != nil {
+		return nil, err
+	}
+
+	dashboardIDs := make([]valuer.UUID, len(rows))
+	for i, r := range rows {
+		dashboardIDs[i] = r.Dashboard.ID
+	}
+	tagsByDashboard, err := module.tagModule.ListForResources(ctx, orgID, coretypes.KindDashboard, dashboardIDs)
+	if err != nil {
+		return nil, err
+	}
+
+	allTags, err := module.tagModule.List(ctx, orgID, coretypes.KindDashboard)
+	if err != nil {
+		return nil, err
+	}
+
+	return dashboardtypes.NewListableDashboardV2(rows, total, tagsByDashboard, allTags)
+}
+
 func (module *module) GetV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*dashboardtypes.DashboardV2, error) {
 	storable, err := module.store.Get(ctx, orgID, id)
 	if err != nil {
@@ -55,3 +79,131 @@ func (module *module) GetV2(ctx context.Context, orgID valuer.UUID, id valuer.UU
 
 	return storable.ToDashboardV2(tags)
 }
+
+func (module *module) UpdateV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, updatable dashboardtypes.UpdatableDashboardV2) (*dashboardtypes.DashboardV2, error) {
+	if err := updatable.Validate(); err != nil {
+		return nil, err
+	}
+
+	existing, err := module.GetV2(ctx, orgID, id)
+	if err != nil {
+		return nil, err
+	}
+	// Locked-dashboard / state gate — independent of tags, so run it before the tx.
+	if err := existing.CanUpdate(); err != nil {
+		return nil, err
+	}
+
+	err = module.store.RunInTx(ctx, func(ctx context.Context) error {
+		resolvedTags, err := module.tagModule.SyncTags(ctx, orgID, coretypes.KindDashboard, id, updatable.Tags)
+		if err != nil {
+			return err
+		}
+
+		err = existing.Update(updatable, updatedBy, resolvedTags)
+		if err != nil {
+			return err
+		}
+
+		storable, err := existing.ToStorableDashboard()
+		if err != nil {
+			return err
+		}
+
+		return module.store.Update(ctx, orgID, storable)
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return existing, nil
+}
+
+func (module *module) PatchV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, patch dashboardtypes.PatchableDashboardV2) (*dashboardtypes.DashboardV2, error) {
+	existing, err := module.GetV2(ctx, orgID, id)
+	if err != nil {
+		return nil, err
+	}
+	// Locked-dashboard / state gate — independent of tags, so run it before the tx.
+	if err := existing.CanUpdate(); err != nil {
+		return nil, err
+	}
+
+	updateable, err := patch.Apply(existing)
+	if err != nil {
+		return nil, err
+	}
+
+	err = module.store.RunInTx(ctx, func(ctx context.Context) error {
+		resolvedTags, err := module.tagModule.SyncTags(ctx, orgID, coretypes.KindDashboard, id, updateable.Tags)
+		if err != nil {
+			return err
+		}
+
+		err = existing.Update(*updateable, updatedBy, resolvedTags)
+		if err != nil {
+			return err
+		}
+
+		storable, err := existing.ToStorableDashboard()
+		if err != nil {
+			return err
+		}
+
+		return module.store.Update(ctx, orgID, storable)
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return existing, nil
+}
+
+func (module *module) DeleteV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID) error {
+	existing, err := module.GetV2(ctx, orgID, id)
+	if err != nil {
+		return err
+	}
+	if existing.Locked {
+		return errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "cannot delete a locked dashboard, please unlock the dashboard to delete")
+	}
+
+	return module.store.RunInTx(ctx, func(ctx context.Context) error {
+		// Syncing to an empty tag set drops every tag link for the dashboard.
+		if _, err := module.tagModule.SyncTags(ctx, orgID, coretypes.KindDashboard, id, nil); err != nil {
+			return err
+		}
+		return module.store.Delete(ctx, orgID, id)
+	})
+}
+
+func (module *module) LockUnlockV2(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updatedBy string, isAdmin bool, lock bool) error {
+	existing, err := module.GetV2(ctx, orgID, id)
+	if err != nil {
+		return err
+	}
+	if err := existing.LockUnlock(lock, isAdmin, updatedBy); err != nil {
+		return err
+	}
+	storable, err := existing.ToStorableDashboard()
+	if err != nil {
+		return err
+	}
+	return module.store.Update(ctx, orgID, storable)
+}
+
+func (module *module) PinV2(ctx context.Context, orgID valuer.UUID, userID valuer.UUID, id valuer.UUID) error {
+	if _, err := module.GetV2(ctx, orgID, id); err != nil {
+		return err
+	}
+	return module.store.PinForUser(ctx, &dashboardtypes.PinnedDashboard{
+		UserID:      userID,
+		DashboardID: id,
+		OrgID:       orgID,
+		PinnedAt:    time.Now(),
+	})
+}
+
+func (module *module) UnpinV2(ctx context.Context, userID valuer.UUID, id valuer.UUID) error {
+	return module.store.UnpinForUser(ctx, userID, id)
+}

pkg/modules/dashboard/impldashboard/v2_view_handler.go

@@ -0,0 +1,132 @@
+package impldashboard
+
+import (
+	"context"
+	"net/http"
+	"time"
+
+	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/http/binding"
+	"github.com/SigNoz/signoz/pkg/http/render"
+	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+	"github.com/gorilla/mux"
+)
+
+func (handler *handler) CreateView(rw http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	orgID := valuer.MustNewUUID(claims.OrgID)
+
+	var req dashboardtypes.PostableDashboardView
+	if err := binding.JSON.BindBody(r.Body, &req); err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	view, err := handler.module.CreateView(ctx, orgID, req)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	render.Success(rw, http.StatusCreated, view)
+}
+
+func (handler *handler) ListViews(rw http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	orgID := valuer.MustNewUUID(claims.OrgID)
+
+	out, err := handler.module.ListViews(ctx, orgID)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	render.Success(rw, http.StatusOK, out)
+}
+
+func (handler *handler) UpdateView(rw http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	orgID := valuer.MustNewUUID(claims.OrgID)
+
+	id := mux.Vars(r)["id"]
+	if id == "" {
+		render.Error(rw, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "id is missing in the path"))
+		return
+	}
+	viewID, err := valuer.NewUUID(id)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	var req dashboardtypes.UpdateableDashboardView
+	if err := binding.JSON.BindBody(r.Body, &req); err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	view, err := handler.module.UpdateView(ctx, orgID, viewID, req)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	render.Success(rw, http.StatusOK, view)
+}
+
+func (handler *handler) DeleteView(rw http.ResponseWriter, r *http.Request) {
+	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
+	defer cancel()
+
+	claims, err := authtypes.ClaimsFromContext(ctx)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	orgID := valuer.MustNewUUID(claims.OrgID)
+
+	id := mux.Vars(r)["id"]
+	if id == "" {
+		render.Error(rw, errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "id is missing in the path"))
+		return
+	}
+	viewID, err := valuer.NewUUID(id)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	if err := handler.module.DeleteView(ctx, orgID, viewID); err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	render.Success(rw, http.StatusNoContent, nil)
+}

pkg/modules/dashboard/impldashboard/v2_view_module.go

@@ -0,0 +1,46 @@
+package impldashboard
+
+import (
+	"context"
+
+	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+func (module *module) CreateView(ctx context.Context, orgID valuer.UUID, postable dashboardtypes.PostableDashboardView) (*dashboardtypes.DashboardView, error) {
+	if err := postable.Validate(); err != nil {
+		return nil, err
+	}
+	view := postable.NewDashboardView(orgID)
+	if err := module.store.CreateDashboardView(ctx, view); err != nil {
+		return nil, err
+	}
+	return view, nil
+}
+
+func (module *module) ListViews(ctx context.Context, orgID valuer.UUID) (*dashboardtypes.ListableDashboardView, error) {
+	views, err := module.store.ListDashboardViews(ctx, orgID)
+	if err != nil {
+		return nil, err
+	}
+	return &dashboardtypes.ListableDashboardView{Views: views}, nil
+}
+
+func (module *module) UpdateView(ctx context.Context, orgID valuer.UUID, id valuer.UUID, updateable dashboardtypes.UpdateableDashboardView) (*dashboardtypes.DashboardView, error) {
+	if err := updateable.Validate(); err != nil {
+		return nil, err
+	}
+	view, err := module.store.GetDashboardView(ctx, orgID, id)
+	if err != nil {
+		return nil, err
+	}
+	view.Update(updateable)
+	if err := module.store.UpdateDashboardView(ctx, view); err != nil {
+		return nil, err
+	}
+	return view, nil
+}
+
+func (module *module) DeleteView(ctx context.Context, orgID valuer.UUID, id valuer.UUID) error {
+	return module.store.DeleteDashboardView(ctx, orgID, id)
+}

pkg/modules/tag/impltag/module.go

@@ -67,6 +67,10 @@ func (m *module) syncLinksForResource(ctx context.Context, orgID valuer.UUID, ki
 	})
 }
 
+func (m *module) List(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind) ([]*tagtypes.Tag, error) {
+	return m.store.List(ctx, orgID, kind)
+}
+
 func (m *module) ListForResource(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind, resourceID valuer.UUID) ([]*tagtypes.Tag, error) {
 	return m.store.ListByResource(ctx, orgID, kind, resourceID)
 }

pkg/modules/tag/tag.go

@@ -13,6 +13,9 @@ type Module interface {
 	// and reconciles the resource's links to exactly that set, all in one transaction.
 	SyncTags(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind, resourceID valuer.UUID, postable []tagtypes.PostableTag) ([]*tagtypes.Tag, error)
 
+	// List returns every tag of the given kind in the org.
+	List(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind) ([]*tagtypes.Tag, error)
+
 	ListForResource(ctx context.Context, orgID valuer.UUID, kind coretypes.Kind, resourceID valuer.UUID) ([]*tagtypes.Tag, error)
 
 	// Resources with no tags are absent from the returned map.

pkg/parser/filterquery/parse.go

@@ -0,0 +1,33 @@
+package filterquery
+
+import (
+	"fmt"
+
+	grammar "github.com/SigNoz/signoz/pkg/parser/filterquery/grammar"
+	"github.com/antlr4-go/antlr/v4"
+)
+
+func Parse(query string) (antlr.ParseTree, *antlr.CommonTokenStream, *ErrorCollector) {
+	collector := NewErrorCollector()
+	lexer := grammar.NewFilterQueryLexer(antlr.NewInputStream(query))
+	lexer.RemoveErrorListeners()
+	lexer.AddErrorListener(collector)
+	tokens := antlr.NewCommonTokenStream(lexer, 0)
+	parser := grammar.NewFilterQueryParser(tokens)
+	parser.RemoveErrorListeners()
+	parser.AddErrorListener(collector)
+	return parser.Query(), tokens, collector
+}
+
+type ErrorCollector struct {
+	*antlr.DefaultErrorListener
+	Errors []string
+}
+
+func NewErrorCollector() *ErrorCollector {
+	return &ErrorCollector{}
+}
+
+func (c *ErrorCollector) SyntaxError(_ antlr.Recognizer, _ any, line, column int, msg string, _ antlr.RecognitionException) {
+	c.Errors = append(c.Errors, fmt.Sprintf("syntax error at %d:%d — %s", line, column, msg))
+}

pkg/signoz/provider.go

@@ -211,6 +211,8 @@ func NewSQLMigrationProviderFactories(
 		sqlmigration.NewAddDashboardNameFactory(sqlstore, sqlschema),
 		sqlmigration.NewFixChangelogOperationTypeFactory(sqlstore, sqlschema),
 		sqlmigration.NewCloudIntegrationRemoveCascadeDeleteFactory(sqlschema),
+		sqlmigration.NewAddPinnedDashboardFactory(sqlstore, sqlschema),
+		sqlmigration.NewAddDashboardViewFactory(sqlstore, sqlschema),
 	)
 }
 

pkg/sqlmigration/092_add_pinned_dashboard.go

@@ -0,0 +1,67 @@
+package sqlmigration
+
+import (
+	"context"
+
+	"github.com/SigNoz/signoz/pkg/factory"
+	"github.com/SigNoz/signoz/pkg/sqlschema"
+	"github.com/SigNoz/signoz/pkg/sqlstore"
+	"github.com/uptrace/bun"
+	"github.com/uptrace/bun/migrate"
+)
+
+type addPinnedDashboard struct {
+	sqlstore  sqlstore.SQLStore
+	sqlschema sqlschema.SQLSchema
+}
+
+func NewAddPinnedDashboardFactory(sqlstore sqlstore.SQLStore, sqlschema sqlschema.SQLSchema) factory.ProviderFactory[SQLMigration, Config] {
+	return factory.NewProviderFactory(factory.MustNewName("add_pinned_dashboard"), func(ctx context.Context, ps factory.ProviderSettings, c Config) (SQLMigration, error) {
+		return &addPinnedDashboard{
+			sqlstore:  sqlstore,
+			sqlschema: sqlschema,
+		}, nil
+	})
+}
+
+func (migration *addPinnedDashboard) Register(migrations *migrate.Migrations) error {
+	return migrations.Register(migration.Up, migration.Down)
+}
+
+func (migration *addPinnedDashboard) Up(ctx context.Context, db *bun.DB) error {
+	tx, err := db.BeginTx(ctx, nil)
+	if err != nil {
+		return err
+	}
+	defer func() { _ = tx.Rollback() }()
+
+	sqls := migration.sqlschema.Operator().CreateTable(&sqlschema.Table{
+		Name: "pinned_dashboard",
+		Columns: []*sqlschema.Column{
+			{Name: "user_id", DataType: sqlschema.DataTypeText, Nullable: false},
+			{Name: "dashboard_id", DataType: sqlschema.DataTypeText, Nullable: false},
+			{Name: "org_id", DataType: sqlschema.DataTypeText, Nullable: false},
+			{Name: "pinned_at", DataType: sqlschema.DataTypeTimestamp, Nullable: false, Default: "current_timestamp"},
+		},
+		PrimaryKeyConstraint: &sqlschema.PrimaryKeyConstraint{ColumnNames: []sqlschema.ColumnName{"user_id", "dashboard_id"}},
+		ForeignKeyConstraints: []*sqlschema.ForeignKeyConstraint{
+			{
+				ReferencingColumnName: sqlschema.ColumnName("org_id"),
+				ReferencedTableName:   sqlschema.TableName("organizations"),
+				ReferencedColumnName:  sqlschema.ColumnName("id"),
+			},
+		},
+	})
+
+	for _, sql := range sqls {
+		if _, err := tx.ExecContext(ctx, string(sql)); err != nil {
+			return err
+		}
+	}
+
+	return tx.Commit()
+}
+
+func (migration *addPinnedDashboard) Down(_ context.Context, _ *bun.DB) error {
+	return nil
+}

pkg/sqlmigration/093_add_dashboard_view.go

@@ -0,0 +1,69 @@
+package sqlmigration
+
+import (
+	"context"
+
+	"github.com/SigNoz/signoz/pkg/factory"
+	"github.com/SigNoz/signoz/pkg/sqlschema"
+	"github.com/SigNoz/signoz/pkg/sqlstore"
+	"github.com/uptrace/bun"
+	"github.com/uptrace/bun/migrate"
+)
+
+type addDashboardView struct {
+	sqlstore  sqlstore.SQLStore
+	sqlschema sqlschema.SQLSchema
+}
+
+func NewAddDashboardViewFactory(sqlstore sqlstore.SQLStore, sqlschema sqlschema.SQLSchema) factory.ProviderFactory[SQLMigration, Config] {
+	return factory.NewProviderFactory(factory.MustNewName("add_dashboard_view"), func(ctx context.Context, ps factory.ProviderSettings, c Config) (SQLMigration, error) {
+		return &addDashboardView{
+			sqlstore:  sqlstore,
+			sqlschema: sqlschema,
+		}, nil
+	})
+}
+
+func (migration *addDashboardView) Register(migrations *migrate.Migrations) error {
+	return migrations.Register(migration.Up, migration.Down)
+}
+
+func (migration *addDashboardView) Up(ctx context.Context, db *bun.DB) error {
+	tx, err := db.BeginTx(ctx, nil)
+	if err != nil {
+		return err
+	}
+	defer func() { _ = tx.Rollback() }()
+
+	sqls := migration.sqlschema.Operator().CreateTable(&sqlschema.Table{
+		Name: "dashboard_view",
+		Columns: []*sqlschema.Column{
+			{Name: "id", DataType: sqlschema.DataTypeText, Nullable: false},
+			{Name: "name", DataType: sqlschema.DataTypeText, Nullable: false},
+			{Name: "data", DataType: sqlschema.DataTypeText, Nullable: false},
+			{Name: "org_id", DataType: sqlschema.DataTypeText, Nullable: false},
+			{Name: "created_at", DataType: sqlschema.DataTypeTimestamp, Nullable: false},
+			{Name: "updated_at", DataType: sqlschema.DataTypeTimestamp, Nullable: false},
+		},
+		PrimaryKeyConstraint: &sqlschema.PrimaryKeyConstraint{ColumnNames: []sqlschema.ColumnName{"id"}},
+		ForeignKeyConstraints: []*sqlschema.ForeignKeyConstraint{
+			{
+				ReferencingColumnName: sqlschema.ColumnName("org_id"),
+				ReferencedTableName:   sqlschema.TableName("organizations"),
+				ReferencedColumnName:  sqlschema.ColumnName("id"),
+			},
+		},
+	})
+
+	for _, sql := range sqls {
+		if _, err := tx.ExecContext(ctx, string(sql)); err != nil {
+			return err
+		}
+	}
+
+	return tx.Commit()
+}
+
+func (migration *addDashboardView) Down(_ context.Context, _ *bun.DB) error {
+	return nil
+}

pkg/types/cloudintegrationtypes/integration_dashboard.go

@@ -18,14 +18,16 @@ var (
 type StorableIntegrationDashboard struct {
 	bun.BaseModel `bun:"table:integration_dashboard"`
 
-	ID          string                           `bun:"id,pk,type:text"`
-	DashboardID string                           `bun:"dashboard_id,type:text"`
-	Provider    IntegrationDashboardProviderType `bun:"provider,type:text"`
-	Slug        string                           `bun:"slug,type:text"`
-	CreatedAt   time.Time                        `bun:"created_at"`
-	UpdatedAt   time.Time                        `bun:"updated_at"`
+	ID          string                           `json:"id" bun:"id,pk,type:text" required:"true"`
+	DashboardID string                           `json:"dashboardId" bun:"dashboard_id,type:text" required:"true"`
+	Provider    IntegrationDashboardProviderType `json:"provider" bun:"provider,type:text" required:"true"`
+	Slug        string                           `json:"slug" bun:"slug,type:text" required:"true"`
+	CreatedAt   time.Time                        `json:"createdAt" bun:"created_at" required:"true"`
+	UpdatedAt   time.Time                        `json:"updatedAt" bun:"updated_at" required:"true"`
 }
 
+type IntegrationDashboard = StorableIntegrationDashboard
+
 func NewStorableIntegrationDashboard(dashboardID string, provider IntegrationDashboardProviderType, slug string) *StorableIntegrationDashboard {
 	now := time.Now()
 	return &StorableIntegrationDashboard{

pkg/types/cloudintegrationtypes/service.go

@@ -50,10 +50,18 @@ type ListServicesMetadataParams struct {
 // Service represents a cloud integration service with its definition,
 // cloud integration service is non nil only when the service entry exists in DB with ANY config (enabled or disabled).
 type Service struct {
-	ServiceDefinition
+	ServiceDefinitionMetadata
+	Overview                string                   `json:"overview" required:"true"` // markdown
+	ServiceAssets           ServiceAssets            `json:"assets" required:"true"`
+	SupportedSignals        SupportedSignals         `json:"supportedSignals" required:"true"`
+	DataCollected           DataCollected            `json:"dataCollected" required:"true"`
 	CloudIntegrationService *CloudIntegrationService `json:"cloudIntegrationService" required:"true" nullable:"true"`
 }
 
+type ServiceAssets struct {
+	Dashboards []*ServiceDashboard `json:"dashboards" required:"true" nullable:"false"`
+}
+
 type GetServiceParams struct {
 	CloudIntegrationID valuer.UUID `query:"cloud_integration_id" required:"false"`
 }
@@ -121,6 +129,12 @@ type Dashboard struct {
 	Definition  dashboardtypes.StorableDashboardData `json:"definition,omitempty"`
 }
 
+type ServiceDashboard struct {
+	Title                string                `json:"title" required:"true"`
+	Description          string                `json:"description" required:"true"`
+	IntegrationDashboard *IntegrationDashboard `json:"integrationDashboard,omitempty" required:"false"`
+}
+
 func NewCloudIntegrationService(serviceID ServiceID, cloudIntegrationID valuer.UUID, provider CloudProviderType, config *ServiceConfig) (*CloudIntegrationService, error) {
 	switch provider {
 	case CloudProviderTypeAWS:
@@ -164,11 +178,41 @@ func NewServiceMetadata(definition ServiceDefinition, enabled bool) *ServiceMeta
 	}
 }
 
-func NewService(def ServiceDefinition, storableService *CloudIntegrationService) *Service {
-	return &Service{
-		ServiceDefinition:       def,
-		CloudIntegrationService: storableService,
+func NewService(provider CloudProviderType, def *ServiceDefinition, integrationService *CloudIntegrationService, integrationDashboards []*StorableIntegrationDashboard) *Service {
+	service := &Service{
+		ServiceDefinitionMetadata: def.ServiceDefinitionMetadata,
+		Overview:                  def.Overview,
+		SupportedSignals:          def.SupportedSignals,
+		DataCollected:             def.DataCollected,
+		CloudIntegrationService:   integrationService,
+		ServiceAssets:             ServiceAssets{Dashboards: make([]*ServiceDashboard, 0, len(def.Assets.Dashboards))},
 	}
+
+	integrationDashboardsMap := make(map[string]*IntegrationDashboard)
+	for _, d := range integrationDashboards {
+		integrationDashboardsMap[d.Slug] = d
+	}
+
+	for _, d := range def.Assets.Dashboards {
+		dashboard := &ServiceDashboard{
+			Title:       d.Title,
+			Description: d.Description,
+		}
+
+		if integrationService != nil {
+			slug := CloudIntegrationDashboardSlug(provider, integrationService.Type, d.ID)
+
+			if integrationDashboard, exists := integrationDashboardsMap[slug]; exists {
+				if integrationDashboard != nil {
+					dashboard.IntegrationDashboard = integrationDashboard
+				}
+			}
+		}
+
+		service.ServiceAssets.Dashboards = append(service.ServiceAssets.Dashboards, dashboard)
+	}
+
+	return service
 }
 
 func NewGettableServicesMetadata(services []*ServiceMetadata) *GettableServicesMetadata {

pkg/types/dashboardtypes/dashboard.go

@@ -21,6 +21,7 @@ var (
 	ErrCodeDashboardInvalidWidgetQuery = errors.MustNewCode("dashboard_invalid_widget_query")
 	ErrCodeDashboardInvalidSource      = errors.MustNewCode("dashboard_invalid_source")
 	ErrCodeDashboardImmutable          = errors.MustNewCode("dashboard_immutable")
+	ErrCodeDashboardInvalidPatch       = errors.MustNewCode("dashboard_invalid_patch")
 )
 
 type StorableDashboard struct {

pkg/types/dashboardtypes/dashboard_view.go

@@ -0,0 +1,146 @@
+package dashboardtypes
+
+import (
+	"bytes"
+	"encoding/json"
+	"strings"
+	"time"
+
+	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/types"
+	"github.com/SigNoz/signoz/pkg/valuer"
+	"github.com/uptrace/bun"
+)
+
+const (
+	DashboardViewSchemaVersion = "v1"
+	MaxDashboardViewNameLen    = 32
+)
+
+var (
+	ErrCodeDashboardViewInvalidInput = errors.MustNewCode("dashboard_view_invalid_input")
+	ErrCodeDashboardViewNotFound     = errors.MustNewCode("dashboard_view_not_found")
+)
+
+type DashboardViewData struct {
+	Version string    `json:"version" required:"true"`
+	Query   string    `json:"query"`
+	Sort    ListSort  `json:"sort"`
+	Order   ListOrder `json:"order"`
+}
+
+func (d *DashboardViewData) Validate() error {
+	if d.Version != DashboardViewSchemaVersion {
+		return errors.NewInvalidInputf(ErrCodeDashboardViewInvalidInput,
+			"version must be %q, got %q", DashboardViewSchemaVersion, d.Version)
+	}
+	if !d.Sort.IsZero() {
+		s := d.Sort
+		switch s {
+		case ListSortUpdatedAt, ListSortCreatedAt, ListSortName:
+		default:
+			return errors.NewInvalidInputf(ErrCodeDashboardViewInvalidInput,
+				"invalid sort %q — expected one of: `updated_at`, `created_at`, `name`", d.Sort)
+		}
+		d.Sort = s
+	}
+	if !d.Order.IsZero() {
+		o := d.Order
+		switch o {
+		case ListOrderAsc, ListOrderDesc:
+		default:
+			return errors.NewInvalidInputf(ErrCodeDashboardViewInvalidInput,
+				"invalid order %q — expected `asc` or `desc`", d.Order)
+		}
+		d.Order = o
+	}
+	return nil
+}
+
+type DashboardView struct {
+	bun.BaseModel `bun:"table:dashboard_view,alias:dashboard_view"`
+
+	types.Identifiable
+	types.TimeAuditable
+
+	Name  string            `bun:"name,type:text,notnull" json:"name" required:"true"`
+	Data  DashboardViewData `bun:"data,type:jsonb,notnull" json:"data" required:"true"`
+	OrgID valuer.UUID       `bun:"org_id,type:text,notnull" json:"orgId" required:"true"`
+}
+
+// ════════════════════════════════════════════════════════════════════════
+// Postable
+// ════════════════════════════════════════════════════════════════════════
+
+type PostableDashboardView struct {
+	Name string            `json:"name" required:"true"`
+	Data DashboardViewData `json:"data" required:"true"`
+}
+
+func (p *PostableDashboardView) UnmarshalJSON(data []byte) error {
+	dec := json.NewDecoder(bytes.NewReader(data))
+	dec.DisallowUnknownFields()
+	type alias PostableDashboardView
+	var tmp alias
+	if err := dec.Decode(&tmp); err != nil {
+		return errors.WrapInvalidInputf(err, ErrCodeDashboardViewInvalidInput, "invalid saved view request body").WithAdditional(err.Error())
+	}
+	*p = PostableDashboardView(tmp)
+	return p.Validate()
+}
+
+func (p *PostableDashboardView) Validate() error {
+	if err := validateDashboardViewName(p.Name); err != nil {
+		return err
+	}
+	return p.Data.Validate()
+}
+
+func (p PostableDashboardView) NewDashboardView(orgID valuer.UUID) *DashboardView {
+	now := time.Now()
+	return &DashboardView{
+		Identifiable:  types.Identifiable{ID: valuer.GenerateUUID()},
+		TimeAuditable: types.TimeAuditable{CreatedAt: now, UpdatedAt: now},
+		OrgID:         orgID,
+		Name:          p.Name,
+		Data:          p.Data,
+	}
+}
+
+// ════════════════════════════════════════════════════════════════════════
+// Updateable
+// ════════════════════════════════════════════════════════════════════════
+
+type UpdateableDashboardView = PostableDashboardView
+
+func (v *DashboardView) Update(updateable UpdateableDashboardView) {
+	v.Name = updateable.Name
+	v.Data = updateable.Data
+	v.UpdatedAt = time.Now()
+}
+
+// ════════════════════════════════════════════════════════════════════════
+// Gettable
+// ════════════════════════════════════════════════════════════════════════
+
+type GettableDashboardView = DashboardView
+
+type ListableDashboardView struct {
+	Views []*GettableDashboardView `json:"views" required:"true" nullable:"false"`
+}
+
+// ════════════════════════════════════════════════════════════════════════
+// Helpers
+// ════════════════════════════════════════════════════════════════════════
+
+func validateDashboardViewName(name string) error {
+	trimmed := strings.TrimSpace(name)
+	if trimmed == "" {
+		return errors.NewInvalidInputf(ErrCodeDashboardViewInvalidInput, "name is required")
+	}
+	if len(trimmed) > MaxDashboardViewNameLen {
+		return errors.NewInvalidInputf(ErrCodeDashboardViewInvalidInput,
+			"name must be at most %d characters, got %d", MaxDashboardViewNameLen, len(trimmed))
+	}
+	return nil
+}

pkg/types/dashboardtypes/list_v2.go

@@ -0,0 +1,159 @@
+package dashboardtypes
+
+import (
+	"slices"
+
+	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/types"
+	"github.com/SigNoz/signoz/pkg/types/tagtypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+	"github.com/perses/perses/pkg/model/api/v1/common"
+)
+
+const (
+	DefaultListLimit = 20
+	MaxListLimit     = 200
+)
+
+// ListSort is the sort field for the dashboard list endpoint. The value is a
+// stable enum so callers can't ask for arbitrary columns.
+type ListSort struct{ valuer.String }
+
+var (
+	ListSortUpdatedAt = ListSort{valuer.NewString("updated_at")}
+	ListSortCreatedAt = ListSort{valuer.NewString("created_at")}
+	ListSortName      = ListSort{valuer.NewString("name")}
+)
+
+func (ListSort) Enum() []any {
+	return []any{ListSortUpdatedAt, ListSortCreatedAt, ListSortName}
+}
+
+func (s ListSort) IsValid() bool {
+	return slices.ContainsFunc(s.Enum(), func(v any) bool { return v == s })
+}
+
+type ListOrder struct{ valuer.String }
+
+var (
+	ListOrderAsc  = ListOrder{valuer.NewString("asc")}
+	ListOrderDesc = ListOrder{valuer.NewString("desc")}
+)
+
+func (ListOrder) Enum() []any {
+	return []any{ListOrderAsc, ListOrderDesc}
+}
+
+func (o ListOrder) IsValid() bool {
+	return slices.ContainsFunc(o.Enum(), func(v any) bool { return v == o })
+}
+
+var ErrCodeDashboardListInvalid = errors.MustNewCode("dashboard_list_invalid")
+
+type ListDashboardsV2Params struct {
+	Query  string    `query:"query"`
+	Sort   ListSort  `query:"sort"`
+	Order  ListOrder `query:"order"`
+	Limit  int       `query:"limit"`
+	Offset int       `query:"offset"`
+}
+
+// Validate fills in defaults (sort=updated_at, order=desc, limit=20) and
+// rejects out-of-allowlist sort/order values and bad limit/offset. Limit is
+// clamped to MaxListLimit on the high side. Sort/order are case-insensitive —
+// valuer.String lowercases them at bind time.
+func (p *ListDashboardsV2Params) Validate() error {
+	if p.Sort.IsZero() {
+		p.Sort = ListSortUpdatedAt
+	} else if !p.Sort.IsValid() {
+		return errors.NewInvalidInputf(ErrCodeDashboardListInvalid,
+			"invalid sort %q — expected one of: `updated_at`, `created_at`, `name`", p.Sort)
+	}
+
+	if p.Order.IsZero() {
+		p.Order = ListOrderDesc
+	} else if !p.Order.IsValid() {
+		return errors.NewInvalidInputf(ErrCodeDashboardListInvalid,
+			"invalid order %q — expected `asc` or `desc`", p.Order)
+	}
+
+	if p.Limit == 0 {
+		p.Limit = DefaultListLimit
+	} else if p.Limit < 0 {
+		return errors.NewInvalidInputf(ErrCodeDashboardListInvalid,
+			"invalid limit %d — must be a positive integer", p.Limit)
+	} else if p.Limit > MaxListLimit {
+		p.Limit = MaxListLimit
+	}
+
+	if p.Offset < 0 {
+		return errors.NewInvalidInputf(ErrCodeDashboardListInvalid,
+			"invalid offset %d — must be a non-negative integer", p.Offset)
+	}
+
+	return nil
+}
+
+type listedDashboardV2 struct {
+	types.Identifiable
+	types.TimeAuditable
+	types.UserAuditable
+
+	OrgID         valuer.UUID             `json:"orgId" required:"true"`
+	Locked        bool                    `json:"locked" required:"true"`
+	Source        Source                  `json:"source" required:"true"`
+	SchemaVersion string                  `json:"schemaVersion" required:"true"`
+	Name          string                  `json:"name" required:"true"`
+	Pinned        bool                    `json:"pinned" required:"true"`
+	Image         string                  `json:"image,omitempty"`
+	Tags          []*tagtypes.GettableTag `json:"tags" required:"true" nullable:"false"`
+	Spec          listedDashboardV2Spec   `json:"spec" required:"true"`
+}
+
+type listedDashboardV2Spec struct {
+	Display *common.Display `json:"display,omitempty"`
+}
+
+type ListableDashboardV2 struct {
+	Dashboards []*listedDashboardV2    `json:"dashboards" required:"true" nullable:"false"`
+	Total      int64                   `json:"total" required:"true"`
+	Tags       []*tagtypes.GettableTag `json:"tags" required:"true" nullable:"false"`
+}
+
+// DashboardListRow is the per-row shape Store.ListV2 returns. Bundles the
+// joined dashboard / pinned_dashboard data so the module layer can attach
+// tags and assemble the gettable view.
+type DashboardListRow struct {
+	Dashboard *StorableDashboard
+	Pinned    bool
+}
+
+func NewListableDashboardV2(rows []*DashboardListRow, total int64, tagsByEntity map[valuer.UUID][]*tagtypes.Tag, allTags []*tagtypes.Tag) (*ListableDashboardV2, error) {
+	dashboards := make([]*listedDashboardV2, len(rows))
+	for i, r := range rows {
+		v2, err := r.Dashboard.ToDashboardV2(tagsByEntity[r.Dashboard.ID])
+		if err != nil {
+			return nil, err
+		}
+
+		dashboards[i] = &listedDashboardV2{
+			Identifiable:  v2.Identifiable,
+			TimeAuditable: v2.TimeAuditable,
+			UserAuditable: v2.UserAuditable,
+			OrgID:         v2.OrgID,
+			Locked:        v2.Locked,
+			Source:        v2.Source,
+			SchemaVersion: v2.SchemaVersion,
+			Name:          v2.Name,
+			Pinned:        r.Pinned,
+			Image:         v2.Image,
+			Tags:          tagtypes.NewGettableTagsFromTags(v2.Tags),
+			Spec:          listedDashboardV2Spec{Display: v2.Spec.Display},
+		}
+	}
+	return &ListableDashboardV2{
+		Dashboards: dashboards,
+		Total:      total,
+		Tags:       tagtypes.NewGettableTagsFromTags(allTags),
+	}, nil
+}

pkg/types/dashboardtypes/listfilter/constants.go

@@ -0,0 +1,61 @@
+package listfilter
+
+import (
+	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
+	qbtypesv5 "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
+)
+
+var ErrCodeDashboardListFilterInvalid = errors.MustNewCode("dashboard_list_filter_invalid")
+
+// reservedOps lists the operators each reserved (column-level) DSL key accepts.
+// Any non-reserved key is treated as a tag key and uses tagKeyOps.
+var reservedOps = map[dashboardtypes.DSLKey]map[qbtypesv5.FilterOperator]struct{}{
+	dashboardtypes.DSLKeyName:        stringSearchOps(),
+	dashboardtypes.DSLKeyDescription: stringSearchOps(),
+	dashboardtypes.DSLKeyCreatedAt:   numericRangeOps(),
+	dashboardtypes.DSLKeyUpdatedAt:   numericRangeOps(),
+	dashboardtypes.DSLKeyCreatedBy:   stringSearchOps(),
+	dashboardtypes.DSLKeyLocked:      opsSet(qbtypesv5.FilterOperatorEqual, qbtypesv5.FilterOperatorNotEqual),
+	dashboardtypes.DSLKeyPublic:      opsSet(qbtypesv5.FilterOperatorEqual, qbtypesv5.FilterOperatorNotEqual),
+}
+
+// tagKeyOps applies to every non-reserved DSL key — the operator targets the
+// tag's value with an implicit case-insensitive match on the tag's key.
+var tagKeyOps = opsSet(
+	qbtypesv5.FilterOperatorEqual, qbtypesv5.FilterOperatorNotEqual,
+	qbtypesv5.FilterOperatorLike, qbtypesv5.FilterOperatorNotLike,
+	qbtypesv5.FilterOperatorILike, qbtypesv5.FilterOperatorNotILike,
+	qbtypesv5.FilterOperatorContains, qbtypesv5.FilterOperatorNotContains,
+	qbtypesv5.FilterOperatorRegexp, qbtypesv5.FilterOperatorNotRegexp,
+	qbtypesv5.FilterOperatorIn, qbtypesv5.FilterOperatorNotIn,
+	qbtypesv5.FilterOperatorExists, qbtypesv5.FilterOperatorNotExists,
+)
+
+func stringSearchOps() map[qbtypesv5.FilterOperator]struct{} {
+	return opsSet(
+		qbtypesv5.FilterOperatorEqual, qbtypesv5.FilterOperatorNotEqual,
+		qbtypesv5.FilterOperatorLike, qbtypesv5.FilterOperatorNotLike,
+		qbtypesv5.FilterOperatorILike, qbtypesv5.FilterOperatorNotILike,
+		qbtypesv5.FilterOperatorContains, qbtypesv5.FilterOperatorNotContains,
+		qbtypesv5.FilterOperatorRegexp, qbtypesv5.FilterOperatorNotRegexp,
+		qbtypesv5.FilterOperatorIn, qbtypesv5.FilterOperatorNotIn,
+	)
+}
+
+func numericRangeOps() map[qbtypesv5.FilterOperator]struct{} {
+	return opsSet(
+		qbtypesv5.FilterOperatorEqual, qbtypesv5.FilterOperatorNotEqual,
+		qbtypesv5.FilterOperatorLessThan, qbtypesv5.FilterOperatorLessThanOrEq,
+		qbtypesv5.FilterOperatorGreaterThan, qbtypesv5.FilterOperatorGreaterThanOrEq,
+		qbtypesv5.FilterOperatorBetween, qbtypesv5.FilterOperatorNotBetween,
+	)
+}
+
+func opsSet(ops ...qbtypesv5.FilterOperator) map[qbtypesv5.FilterOperator]struct{} {
+	m := make(map[qbtypesv5.FilterOperator]struct{}, len(ops))
+	for _, op := range ops {
+		m[op] = struct{}{}
+	}
+	return m
+}

pkg/types/dashboardtypes/listfilter/listfilter.go

@@ -0,0 +1,39 @@
+package listfilter
+
+import (
+	"strings"
+
+	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/sqlstore"
+)
+
+type Compiled struct {
+	SQL  string
+	Args []any
+}
+
+func Compile(query string, formatter sqlstore.SQLFormatter) (*Compiled, error) {
+	if len(query) == 0 {
+		return nil, nil //nolint:nilnil
+	}
+
+	queryVisitor := newVisitor(formatter)
+	frag, syntaxErrs := queryVisitor.compile(query)
+
+	if len(syntaxErrs) > 0 {
+		return nil, errors.NewInvalidInputf(ErrCodeDashboardListFilterInvalid,
+			"invalid filter query: %s", strings.Join(syntaxErrs, "; "))
+	}
+	if len(queryVisitor.errors) > 0 {
+		return nil, errors.NewInvalidInputf(ErrCodeDashboardListFilterInvalid,
+			"invalid filter query: %s", strings.Join(queryVisitor.errors, "; "))
+	}
+	if frag == nil || frag.sql == "" {
+		return nil, nil //nolint:nilnil
+	}
+
+	return &Compiled{
+		SQL:  frag.sql,
+		Args: frag.args,
+	}, nil
+}

pkg/types/dashboardtypes/listfilter/listfilter_test.go

@@ -0,0 +1,507 @@
+package listfilter
+
+import (
+	"strings"
+	"testing"
+	"time"
+
+	"github.com/DATA-DOG/go-sqlmock"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+
+	"github.com/SigNoz/signoz/pkg/sqlstore"
+	"github.com/SigNoz/signoz/pkg/sqlstore/sqlstoretest"
+)
+
+type compileCase struct {
+	subtestName              string
+	dslQueryToCompile        string
+	nilExpected              bool
+	expectedSQL              string
+	expectedArgs             []any
+	expectedErrShouldContain string
+}
+
+func runCompileCases(t *testing.T, cases []compileCase) {
+	t.Helper()
+	for _, c := range cases {
+		t.Run(c.subtestName, func(t *testing.T) {
+			out, err := Compile(c.dslQueryToCompile, formatter(t))
+
+			if c.expectedErrShouldContain != "" {
+				require.Error(t, err)
+				assert.Contains(t, strings.ToLower(err.Error()), strings.ToLower(c.expectedErrShouldContain))
+				return
+			}
+
+			require.NoError(t, err)
+			if c.nilExpected {
+				assert.Nil(t, out)
+				return
+			}
+			require.NotNil(t, out)
+
+			if c.expectedSQL != "" {
+				assert.Equal(t, normalizeSQL(c.expectedSQL), normalizeSQL(out.SQL))
+			}
+			if c.expectedArgs != nil {
+				require.Len(t, out.Args, len(c.expectedArgs))
+				for i, want := range c.expectedArgs {
+					// time.Time values can carry semantically-equal instants
+					// in different *Location representations (UTC vs Local vs
+					// FixedZone). Compare via .Equal() instead of DeepEqual.
+					if wantT, ok := want.(time.Time); ok {
+						gotT, ok := out.Args[i].(time.Time)
+						require.True(t, ok, "arg[%d]: want time.Time, got %T", i, out.Args[i])
+						assert.True(t, wantT.Equal(gotT), "arg[%d]: want %s, got %s", i, wantT, gotT)
+						continue
+					}
+					assert.Equal(t, want, out.Args[i], "arg[%d]", i)
+				}
+			}
+		})
+	}
+}
+
+func TestCompile_Empty(t *testing.T) {
+	runCompileCases(t, []compileCase{
+		{subtestName: "empty query yields nil", dslQueryToCompile: "", nilExpected: true},
+	})
+}
+
+func TestCompile_Name(t *testing.T) {
+	runCompileCases(t, []compileCase{
+		{
+			subtestName:       "name =",
+			dslQueryToCompile: `name = 'overview'`,
+			expectedSQL:       `json_extract("dashboard"."data", '$.spec.display.name') = ?`,
+			expectedArgs:      []any{"overview"},
+		},
+		{
+			// QUOTED_TEXT in the grammar covers both '…' and "…" — visitor
+			// strips whichever quote pair surrounds the value.
+			subtestName:       "name = with double-quoted value",
+			dslQueryToCompile: `name = "something"`,
+			expectedSQL:       `json_extract("dashboard"."data", '$.spec.display.name') = ?`,
+			expectedArgs:      []any{"something"},
+		},
+		{
+			subtestName:       "name CONTAINS",
+			dslQueryToCompile: `name CONTAINS 'overview'`,
+			expectedSQL:       `json_extract("dashboard"."data", '$.spec.display.name') LIKE ?`,
+			expectedArgs:      []any{"%overview%"},
+		},
+		{
+			subtestName:       "name ILIKE — emitted as LOWER(col) LIKE LOWER(?) for dialect parity",
+			dslQueryToCompile: `name ILIKE 'Prod%'`,
+			expectedSQL:       `lower(json_extract("dashboard"."data", '$.spec.display.name')) LIKE LOWER(?)`,
+			expectedArgs:      []any{"Prod%"},
+		},
+		{
+			subtestName:       "CONTAINS escapes % in user input",
+			dslQueryToCompile: `name CONTAINS '50%'`,
+			expectedSQL:       `json_extract("dashboard"."data", '$.spec.display.name') LIKE ?`,
+			expectedArgs:      []any{`%50\%%`},
+		},
+	})
+}
+
+func TestCompile_CreatedByLocked(t *testing.T) {
+	runCompileCases(t, []compileCase{
+		{
+			subtestName:       "created_by LIKE",
+			dslQueryToCompile: `created_by LIKE '%@signoz.io'`,
+			expectedSQL:       `dashboard.created_by LIKE ?`,
+			expectedArgs:      []any{"%@signoz.io"},
+		},
+		{
+			subtestName:       "locked = true",
+			dslQueryToCompile: `locked = true`,
+			expectedSQL:       `dashboard.locked = ?`,
+			expectedArgs:      []any{true},
+		},
+	})
+}
+
+func TestCompile_Public(t *testing.T) {
+	runCompileCases(t, []compileCase{
+		{subtestName: "public = true", dslQueryToCompile: `public = true`, expectedSQL: `pd.id IS NOT NULL`},
+		{subtestName: "public = false", dslQueryToCompile: `public = false`, expectedSQL: `pd.id IS NULL`},
+		{subtestName: "public != true", dslQueryToCompile: `public != true`, expectedSQL: `pd.id IS NULL`},
+	})
+}
+
+func TestCompile_Timestamps(t *testing.T) {
+	ist := time.FixedZone("+05:30", 5*60*60+30*60)
+	runCompileCases(t, []compileCase{
+		{
+			subtestName:       "created_at >= RFC3339",
+			dslQueryToCompile: `created_at >= '2026-03-10T00:00:00Z'`,
+			expectedSQL:       `dashboard.created_at >= ?`,
+			expectedArgs:      []any{time.Date(2026, 3, 10, 0, 0, 0, 0, time.UTC)},
+		},
+		{
+			subtestName:       "updated_at BETWEEN",
+			dslQueryToCompile: `updated_at BETWEEN '2026-03-10T00:00:00Z' AND '2026-03-20T00:00:00Z'`,
+			expectedSQL:       `dashboard.updated_at BETWEEN ? AND ?`,
+			expectedArgs: []any{
+				time.Date(2026, 3, 10, 0, 0, 0, 0, time.UTC),
+				time.Date(2026, 3, 20, 0, 0, 0, 0, time.UTC),
+			},
+		},
+		{
+			subtestName:       "created_at >= IST timestamp",
+			dslQueryToCompile: `created_at >= '2026-03-10T05:30:00+05:30'`,
+			expectedSQL:       `dashboard.created_at >= ?`,
+			expectedArgs:      []any{time.Date(2026, 3, 10, 5, 30, 0, 0, ist)},
+		},
+	})
+}
+
+// Tag operators wrap each predicate in EXISTS / NOT EXISTS. Any non-reserved
+// key is a tag key — `team = 'pulse'` matches a tag with key=team value=pulse,
+// `tag = 'prod'` matches a tag with key=tag value=prod, and so on.
+func TestCompile_Tag(t *testing.T) {
+	runCompileCases(t, []compileCase{
+		{
+			subtestName:       "team = wraps in EXISTS",
+			dslQueryToCompile: `team = 'pulse'`,
+			expectedSQL: `
+				EXISTS (
+					SELECT 1 FROM tag_relation tr
+					JOIN tag t ON t.id = tr.tag_id
+					WHERE tr.kind = '"dashboard"' AND tr.resource_id = dashboard.id
+					AND LOWER(t.key) = LOWER(?)
+					AND t.value = ?
+				)`,
+			expectedArgs: []any{"team", "pulse"},
+		},
+		{
+			subtestName:       "tag = is just a regular tag-key filter",
+			dslQueryToCompile: `tag = 'database'`,
+			expectedSQL: `
+				EXISTS (
+					SELECT 1 FROM tag_relation tr
+					JOIN tag t ON t.id = tr.tag_id
+					WHERE tr.kind = '"dashboard"' AND tr.resource_id = dashboard.id
+					AND LOWER(t.key) = LOWER(?)
+					AND t.value = ?
+				)`,
+			expectedArgs: []any{"tag", "database"},
+		},
+		{
+			subtestName:       "team != wraps in NOT EXISTS with positive inner",
+			dslQueryToCompile: `team != 'pulse'`,
+			expectedSQL: `
+				NOT EXISTS (
+					SELECT 1 FROM tag_relation tr
+					JOIN tag t ON t.id = tr.tag_id
+					WHERE tr.kind = '"dashboard"' AND tr.resource_id = dashboard.id
+					AND LOWER(t.key) = LOWER(?)
+					AND t.value = ?
+				)`,
+			expectedArgs: []any{"team", "pulse"},
+		},
+		{
+			subtestName:       "team IN — inner is single placeholder list on t.value",
+			dslQueryToCompile: `team IN ['pulse', 'events']`,
+			expectedSQL: `
+				EXISTS (
+					SELECT 1 FROM tag_relation tr
+					JOIN tag t ON t.id = tr.tag_id
+					WHERE tr.kind = '"dashboard"' AND tr.resource_id = dashboard.id
+					AND LOWER(t.key) = LOWER(?)
+					AND t.value IN (?, ?)
+				)`,
+			expectedArgs: []any{"team", "pulse", "events"},
+		},
+		{
+			subtestName:       "team NOT IN",
+			dslQueryToCompile: `team NOT IN ['pulse', 'events']`,
+			expectedSQL: `
+				NOT EXISTS (
+					SELECT 1 FROM tag_relation tr
+					JOIN tag t ON t.id = tr.tag_id
+					WHERE tr.kind = '"dashboard"' AND tr.resource_id = dashboard.id
+					AND LOWER(t.key) = LOWER(?)
+					AND t.value IN (?, ?)
+				)`,
+			expectedArgs: []any{"team", "pulse", "events"},
+		},
+		{
+			subtestName:       "team LIKE — wildcard on value",
+			dslQueryToCompile: `team LIKE 'pulse%'`,
+			expectedSQL: `
+				EXISTS (
+					SELECT 1 FROM tag_relation tr
+					JOIN tag t ON t.id = tr.tag_id
+					WHERE tr.kind = '"dashboard"' AND tr.resource_id = dashboard.id
+					AND LOWER(t.key) = LOWER(?)
+					AND t.value LIKE ?
+				)`,
+			expectedArgs: []any{"team", "pulse%"},
+		},
+		{
+			subtestName:       "team NOT LIKE",
+			dslQueryToCompile: `team NOT LIKE 'staging%'`,
+			expectedSQL: `
+				NOT EXISTS (
+					SELECT 1 FROM tag_relation tr
+					JOIN tag t ON t.id = tr.tag_id
+					WHERE tr.kind = '"dashboard"' AND tr.resource_id = dashboard.id
+					AND LOWER(t.key) = LOWER(?)
+					AND t.value LIKE ?
+				)`,
+			expectedArgs: []any{"team", "staging%"},
+		},
+		{
+			subtestName:       "database EXISTS — asserts a tag with key=database is present",
+			dslQueryToCompile: `database EXISTS`,
+			expectedSQL: `
+				EXISTS (
+					SELECT 1 FROM tag_relation tr
+					JOIN tag t ON t.id = tr.tag_id
+					WHERE tr.kind = '"dashboard"' AND tr.resource_id = dashboard.id
+					AND LOWER(t.key) = LOWER(?)
+				)`,
+			expectedArgs: []any{"database"},
+		},
+		{
+			subtestName:       "database NOT EXISTS",
+			dslQueryToCompile: `database NOT EXISTS`,
+			expectedSQL: `
+				NOT EXISTS (
+					SELECT 1 FROM tag_relation tr
+					JOIN tag t ON t.id = tr.tag_id
+					WHERE tr.kind = '"dashboard"' AND tr.resource_id = dashboard.id
+					AND LOWER(t.key) = LOWER(?)
+				)`,
+			expectedArgs: []any{"database"},
+		},
+		{
+			subtestName:       "tag-key matching is case-insensitive — TEAM lowercased",
+			dslQueryToCompile: `TEAM = 'pulse'`,
+			expectedSQL: `
+				EXISTS (
+					SELECT 1 FROM tag_relation tr
+					JOIN tag t ON t.id = tr.tag_id
+					WHERE tr.kind = '"dashboard"' AND tr.resource_id = dashboard.id
+					AND LOWER(t.key) = LOWER(?)
+					AND t.value = ?
+				)`,
+			expectedArgs: []any{"team", "pulse"},
+		},
+	})
+}
+
+func TestCompile_BooleanComposition(t *testing.T) {
+	runCompileCases(t, []compileCase{
+		{
+			subtestName:       "AND chain — flat arg list",
+			dslQueryToCompile: `locked = true AND public = true`,
+			expectedSQL:       `dashboard.locked = ? AND pd.id IS NOT NULL`,
+			expectedArgs:      []any{true},
+		},
+		{
+			subtestName:       "OR chain",
+			dslQueryToCompile: `locked = true OR public = true`,
+			expectedSQL:       `dashboard.locked = ? OR pd.id IS NOT NULL`,
+			expectedArgs:      []any{true},
+		},
+		{
+			subtestName:       "parens preserve precedence",
+			dslQueryToCompile: `(locked = true OR public = true) AND created_by = 'a@b.com'`,
+			expectedSQL:       `(dashboard.locked = ? OR pd.id IS NOT NULL) AND dashboard.created_by = ?`,
+			expectedArgs:      []any{true, "a@b.com"},
+		},
+	})
+}
+
+// Distinct from operator-suffix negation (NOT IN / NOT LIKE / NOT EXISTS).
+// Driven by the unaryExpression rule (`NOT? primary`), so NOT binds to
+// exactly one primary and only widens via parens.
+func TestCompile_NOT(t *testing.T) {
+	runCompileCases(t, []compileCase{
+		{
+			subtestName:       "NOT on a single comparison",
+			dslQueryToCompile: `NOT name = 'foo'`,
+			expectedSQL:       `NOT (json_extract("dashboard"."data", '$.spec.display.name') = ?)`,
+			expectedArgs:      []any{"foo"},
+		},
+		{
+			subtestName:       "NOT binds tightly to its primary in an AND chain",
+			dslQueryToCompile: `NOT name = 'foo' AND created_by = 'alice'`,
+			expectedSQL:       `NOT (json_extract("dashboard"."data", '$.spec.display.name') = ?) AND dashboard.created_by = ?`,
+			expectedArgs:      []any{"foo", "alice"},
+		},
+		{
+			subtestName:       "NOT applied to the second term in an AND chain",
+			dslQueryToCompile: `locked = true AND NOT name = 'foo'`,
+			expectedSQL:       `dashboard.locked = ? AND NOT (json_extract("dashboard"."data", '$.spec.display.name') = ?)`,
+			expectedArgs:      []any{true, "foo"},
+		},
+		{
+			subtestName:       "NOT around a parenthesized OR",
+			dslQueryToCompile: `NOT (locked = true OR public = true)`,
+			expectedSQL:       `NOT ((dashboard.locked = ? OR pd.id IS NOT NULL))`,
+			expectedArgs:      []any{true},
+		},
+		{
+			subtestName:       "double NOT via parens",
+			dslQueryToCompile: `NOT (NOT name = 'foo')`,
+			expectedSQL:       `NOT ((NOT (json_extract("dashboard"."data", '$.spec.display.name') = ?)))`,
+			expectedArgs:      []any{"foo"},
+		},
+		{
+			subtestName:       "NOT on a tag equality",
+			dslQueryToCompile: `NOT team = 'pulse'`,
+			expectedSQL: `
+				NOT (
+					EXISTS (
+						SELECT 1 FROM tag_relation tr
+						JOIN tag t ON t.id = tr.tag_id
+						WHERE tr.kind = '"dashboard"' AND tr.resource_id = dashboard.id
+						AND LOWER(t.key) = LOWER(?)
+						AND t.value = ?
+					)
+				)`,
+			expectedArgs: []any{"team", "pulse"},
+		},
+		{
+			subtestName:       "NOT team = ... AND name = ...",
+			dslQueryToCompile: `NOT team = 'pulse' AND name = 'overview'`,
+			expectedSQL: `
+				NOT (
+					EXISTS (
+						SELECT 1 FROM tag_relation tr
+						JOIN tag t ON t.id = tr.tag_id
+						WHERE tr.kind = '"dashboard"' AND tr.resource_id = dashboard.id
+						AND LOWER(t.key) = LOWER(?)
+						AND t.value = ?
+					)
+				)
+				AND json_extract("dashboard"."data", '$.spec.display.name') = ?`,
+			expectedArgs: []any{"team", "pulse", "overview"},
+		},
+	})
+}
+
+func TestCompile_ComplexExamples(t *testing.T) {
+	runCompileCases(t, []compileCase{
+		{
+			subtestName:       "name CONTAINS + tag LIKE + created_by + database =",
+			dslQueryToCompile: `name CONTAINS 'overview' AND tag LIKE 'prod%' AND created_by = 'naman.verma@signoz.io' AND database = 'mongo'`,
+			expectedSQL: `
+				json_extract("dashboard"."data", '$.spec.display.name') LIKE ?
+				AND EXISTS (
+					SELECT 1 FROM tag_relation tr
+					JOIN tag t ON t.id = tr.tag_id
+					WHERE tr.kind = '"dashboard"' AND tr.resource_id = dashboard.id
+					AND LOWER(t.key) = LOWER(?)
+					AND t.value LIKE ?
+				)
+				AND dashboard.created_by = ?
+				AND EXISTS (
+					SELECT 1 FROM tag_relation tr
+					JOIN tag t ON t.id = tr.tag_id
+					WHERE tr.kind = '"dashboard"' AND tr.resource_id = dashboard.id
+					AND LOWER(t.key) = LOWER(?)
+					AND t.value = ?
+				)`,
+			expectedArgs: []any{"%overview%", "tag", "prod%", "naman.verma@signoz.io", "database", "mongo"},
+		},
+		{
+			subtestName:       "team IN AND database EXISTS",
+			dslQueryToCompile: `team IN ['pulse', 'events'] AND database EXISTS`,
+			expectedSQL: `
+				EXISTS (
+					SELECT 1 FROM tag_relation tr
+					JOIN tag t ON t.id = tr.tag_id
+					WHERE tr.kind = '"dashboard"' AND tr.resource_id = dashboard.id
+					AND LOWER(t.key) = LOWER(?)
+					AND t.value IN (?, ?)
+				)
+				AND EXISTS (
+					SELECT 1 FROM tag_relation tr
+					JOIN tag t ON t.id = tr.tag_id
+					WHERE tr.kind = '"dashboard"' AND tr.resource_id = dashboard.id
+					AND LOWER(t.key) = LOWER(?)
+				)`,
+			expectedArgs: []any{"team", "pulse", "events", "database"},
+		},
+		{
+			subtestName:       "nested OR / AND with parens",
+			dslQueryToCompile: `(database IN ['sql', 'redis', 'mongo'] OR name LIKE '%database%') AND (team = 'pulse' OR name LIKE '%pulse%')`,
+			expectedSQL: `
+				(
+					EXISTS (
+						SELECT 1 FROM tag_relation tr
+						JOIN tag t ON t.id = tr.tag_id
+						WHERE tr.kind = '"dashboard"' AND tr.resource_id = dashboard.id
+						AND LOWER(t.key) = LOWER(?)
+						AND t.value IN (?, ?, ?)
+					)
+					OR json_extract("dashboard"."data", '$.spec.display.name') LIKE ?
+				)
+				AND (
+					EXISTS (
+						SELECT 1 FROM tag_relation tr
+						JOIN tag t ON t.id = tr.tag_id
+						WHERE tr.kind = '"dashboard"' AND tr.resource_id = dashboard.id
+						AND LOWER(t.key) = LOWER(?)
+						AND t.value = ?
+					)
+					OR json_extract("dashboard"."data", '$.spec.display.name') LIKE ?
+				)`,
+			expectedArgs: []any{"database", "sql", "redis", "mongo", "%database%", "team", "pulse", "%pulse%"},
+		},
+	})
+}
+
+func TestCompile_Rejections(t *testing.T) {
+	runCompileCases(t, []compileCase{
+		{
+			subtestName:              "rejects op outside per-reserved-key allowlist",
+			dslQueryToCompile:        `name BETWEEN 'a' AND 'z'`,
+			expectedErrShouldContain: "operator",
+		},
+		{
+			subtestName:              "rejects BETWEEN on a tag key",
+			dslQueryToCompile:        `team BETWEEN 'a' AND 'z'`,
+			expectedErrShouldContain: "operator",
+		},
+		{
+			subtestName:              "rejects non-bool on locked",
+			dslQueryToCompile:        `locked = 'yes'`,
+			expectedErrShouldContain: "boolean",
+		},
+		{
+			subtestName:              "rejects non-RFC3339 timestamp",
+			dslQueryToCompile:        `created_at >= 'not-a-date'`,
+			expectedErrShouldContain: "RFC3339",
+		},
+		{
+			subtestName:              "rejects REGEXP — not yet supported",
+			dslQueryToCompile:        `name REGEXP '.*'`,
+			expectedErrShouldContain: "REGEXP",
+		},
+		{
+			subtestName:              "rejects syntax error from grammar",
+			dslQueryToCompile:        `name = `,
+			expectedErrShouldContain: "syntax",
+		},
+	})
+}
+
+func formatter(t *testing.T) sqlstore.SQLFormatter {
+	t.Helper()
+	p := sqlstoretest.New(sqlstore.Config{Provider: "sqlite"}, sqlmock.QueryMatcherEqual)
+	return p.Formatter()
+}
+
+func normalizeSQL(s string) string {
+	s = strings.Join(strings.Fields(s), " ")
+	s = strings.ReplaceAll(s, "( ", "(")
+	s = strings.ReplaceAll(s, " )", ")")
+	return s
+}

pkg/types/dashboardtypes/listfilter/visitor.go

@@ -0,0 +1,592 @@
+package listfilter
+
+import (
+	"fmt"
+	"strings"
+	"time"
+
+	"github.com/SigNoz/signoz/pkg/parser/filterquery"
+	grammar "github.com/SigNoz/signoz/pkg/parser/filterquery/grammar"
+	"github.com/SigNoz/signoz/pkg/sqlstore"
+	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
+	qbtypesv5 "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
+	"github.com/antlr4-go/antlr/v4"
+)
+
+// fragment is one composable WHERE fragment. sql uses `?` placeholders;
+// args lines up positionally with the placeholders.
+type fragment struct {
+	sql  string
+	args []any
+}
+
+func newFragment(sql string, args ...any) *fragment {
+	return &fragment{sql: sql, args: args}
+}
+
+type visitor struct {
+	grammar.BaseFilterQueryVisitor
+	formatter sqlstore.SQLFormatter
+	errors    []string
+}
+
+func newVisitor(formatter sqlstore.SQLFormatter) *visitor {
+	return &visitor{
+		formatter: formatter,
+	}
+}
+
+// Emitted WHERE fragment uses aliases `dashboard` and `pd` (public_dashboard).
+func (v *visitor) compile(query string) (*fragment, []string) {
+	tree, _, collector := filterquery.Parse(query)
+	if len(collector.Errors) > 0 {
+		return nil, collector.Errors
+	}
+	frag, _ := v.visit(tree).(*fragment)
+	return frag, nil
+}
+
+func (v *visitor) visit(tree antlr.ParseTree) any {
+	if tree == nil {
+		return nil
+	}
+	return tree.Accept(v)
+}
+
+// ════════════════════════════════════════════════════════════════════════
+// methods from grammar.BaseFilterQueryVisitor that are overridden
+// ════════════════════════════════════════════════════════════════════════
+
+func (v *visitor) VisitQuery(ctx *grammar.QueryContext) any {
+	return v.visit(ctx.Expression())
+}
+
+func (v *visitor) VisitExpression(ctx *grammar.ExpressionContext) any {
+	return v.visit(ctx.OrExpression())
+}
+
+func (v *visitor) VisitOrExpression(ctx *grammar.OrExpressionContext) any {
+	parts := ctx.AllAndExpression()
+	frags := make([]*fragment, 0, len(parts))
+	for _, p := range parts {
+		if f, ok := v.visit(p).(*fragment); ok && f != nil {
+			frags = append(frags, f)
+		}
+	}
+	return joinFragments(frags, "OR")
+}
+
+func (v *visitor) VisitAndExpression(ctx *grammar.AndExpressionContext) any {
+	parts := ctx.AllUnaryExpression()
+	frags := make([]*fragment, 0, len(parts))
+	for _, p := range parts {
+		if f, ok := v.visit(p).(*fragment); ok && f != nil {
+			frags = append(frags, f)
+		}
+	}
+	return joinFragments(frags, "AND")
+}
+
+func (v *visitor) VisitUnaryExpression(ctx *grammar.UnaryExpressionContext) any {
+	f, _ := v.visit(ctx.Primary()).(*fragment)
+	if f == nil {
+		return nil
+	}
+	if ctx.NOT() != nil {
+		return newFragment("NOT ("+f.sql+")", f.args...)
+	}
+	return f
+}
+
+func (v *visitor) VisitPrimary(ctx *grammar.PrimaryContext) any {
+	if ctx.OrExpression() != nil {
+		f, _ := v.visit(ctx.OrExpression()).(*fragment)
+		if f == nil {
+			return nil
+		}
+		return newFragment("("+f.sql+")", f.args...)
+	}
+	if ctx.Comparison() != nil {
+		return v.visit(ctx.Comparison())
+	}
+	// Bare keys, values, full text, and function calls are not part of the
+	// dashboard list DSL.
+	v.addErr("unsupported expression %q — every term must be of the form `key OP value`", ctx.GetText())
+	return nil
+}
+
+// VisitComparison dispatches a single `key OP value` term. A key that matches
+// a reserved DSL key (name, description, etc.) becomes a column-level
+// predicate; any other identifier is treated as a tag key — the operator
+// applies to the tag's value, with a case-insensitive match on the tag's key.
+func (v *visitor) VisitComparison(ctx *grammar.ComparisonContext) any {
+	key, ok := v.parseKey(ctx)
+	if !ok {
+		return nil
+	}
+
+	op, ok := v.opFromContext(ctx)
+	if !ok {
+		return nil
+	}
+
+	if reservedOpSet, isReserved := reservedOps[dashboardtypes.DSLKey(key)]; isReserved {
+		if _, allowed := reservedOpSet[op]; !allowed {
+			v.addErr("operator %s is not allowed for key %q", opName(op), key)
+			return nil
+		}
+		switch dashboardtypes.DSLKey(key) {
+		case dashboardtypes.DSLKeyName:
+			return v.emitJSONStringComparison(ctx, op, "$.spec.display.name")
+		case dashboardtypes.DSLKeyDescription:
+			return v.emitJSONStringComparison(ctx, op, "$.spec.display.description")
+		case dashboardtypes.DSLKeyCreatedAt:
+			return v.emitTimestampComparison(ctx, op, "dashboard.created_at")
+		case dashboardtypes.DSLKeyUpdatedAt:
+			return v.emitTimestampComparison(ctx, op, "dashboard.updated_at")
+		case dashboardtypes.DSLKeyCreatedBy:
+			return v.emitStringComparison(ctx, op, "dashboard.created_by")
+		case dashboardtypes.DSLKeyLocked:
+			return v.emitBoolComparison(ctx, op, "dashboard.locked")
+		case dashboardtypes.DSLKeyPublic:
+			return v.emitPublicComparison(ctx, op)
+		}
+	}
+
+	if _, allowed := tagKeyOps[op]; !allowed {
+		v.addErr("operator %s is not allowed on a tag-key filter", opName(op))
+		return nil
+	}
+	return v.emitTagComparison(ctx, op, key)
+}
+
+func (v *visitor) parseKey(ctx *grammar.ComparisonContext) (string, bool) {
+	keyText := strings.ToLower(strings.TrimSpace(ctx.Key().GetText()))
+	if keyText == "" {
+		v.addErr("filter key cannot be empty")
+		return "", false
+	}
+	return keyText, true
+}
+
+func (v *visitor) opFromContext(ctx *grammar.ComparisonContext) (qbtypesv5.FilterOperator, bool) {
+	switch {
+	case ctx.EQUALS() != nil:
+		return qbtypesv5.FilterOperatorEqual, true
+	case ctx.NOT_EQUALS() != nil, ctx.NEQ() != nil:
+		return qbtypesv5.FilterOperatorNotEqual, true
+	case ctx.LT() != nil:
+		return qbtypesv5.FilterOperatorLessThan, true
+	case ctx.LE() != nil:
+		return qbtypesv5.FilterOperatorLessThanOrEq, true
+	case ctx.GT() != nil:
+		return qbtypesv5.FilterOperatorGreaterThan, true
+	case ctx.GE() != nil:
+		return qbtypesv5.FilterOperatorGreaterThanOrEq, true
+	case ctx.BETWEEN() != nil:
+		if ctx.NOT() != nil {
+			return qbtypesv5.FilterOperatorNotBetween, true
+		}
+		return qbtypesv5.FilterOperatorBetween, true
+	case ctx.LIKE() != nil:
+		if ctx.NOT() != nil {
+			return qbtypesv5.FilterOperatorNotLike, true
+		}
+		return qbtypesv5.FilterOperatorLike, true
+	case ctx.ILIKE() != nil:
+		if ctx.NOT() != nil {
+			return qbtypesv5.FilterOperatorNotILike, true
+		}
+		return qbtypesv5.FilterOperatorILike, true
+	case ctx.CONTAINS() != nil:
+		if ctx.NOT() != nil {
+			return qbtypesv5.FilterOperatorNotContains, true
+		}
+		return qbtypesv5.FilterOperatorContains, true
+	case ctx.REGEXP() != nil:
+		if ctx.NOT() != nil {
+			return qbtypesv5.FilterOperatorNotRegexp, true
+		}
+		return qbtypesv5.FilterOperatorRegexp, true
+	case ctx.InClause() != nil:
+		return qbtypesv5.FilterOperatorIn, true
+	case ctx.NotInClause() != nil:
+		return qbtypesv5.FilterOperatorNotIn, true
+	case ctx.EXISTS() != nil:
+		if ctx.NOT() != nil {
+			return qbtypesv5.FilterOperatorNotExists, true
+		}
+		return qbtypesv5.FilterOperatorExists, true
+	}
+	v.addErr("could not determine operator in expression %q", ctx.GetText())
+	return qbtypesv5.FilterOperatorUnknown, false
+}
+
+// ─── per-key emitters ────────────────────────────────────────────────────────
+
+func (v *visitor) emitJSONStringComparison(ctx *grammar.ComparisonContext, op qbtypesv5.FilterOperator, jsonPath string) *fragment {
+	colExpr := string(v.formatter.JSONExtractString("dashboard.data", jsonPath))
+	return v.emitStringOp(ctx, op, colExpr, string(dashboardtypes.DSLKeyName))
+}
+
+func (v *visitor) emitStringComparison(ctx *grammar.ComparisonContext, op qbtypesv5.FilterOperator, colExpr string) *fragment {
+	return v.emitStringOp(ctx, op, colExpr, string(dashboardtypes.DSLKeyCreatedBy))
+}
+
+// emitStringOp covers all the operators the spec allows on text-shaped keys
+// (name, description, created_by). Tag uses a separate emitter that wraps each
+// produced fragment in an EXISTS subquery.
+func (v *visitor) emitStringOp(ctx *grammar.ComparisonContext, op qbtypesv5.FilterOperator, colExpr, keyForErr string) *fragment {
+	switch op {
+	case qbtypesv5.FilterOperatorEqual, qbtypesv5.FilterOperatorNotEqual,
+		qbtypesv5.FilterOperatorLike, qbtypesv5.FilterOperatorNotLike:
+		val, ok := v.singleString(ctx, keyForErr)
+		if !ok {
+			return nil
+		}
+		return newFragment(colExpr+" "+opName(op)+" ?", val)
+	case qbtypesv5.FilterOperatorILike, qbtypesv5.FilterOperatorNotILike:
+		val, ok := v.singleString(ctx, keyForErr)
+		if !ok {
+			return nil
+		}
+		// SQLite has no ILIKE keyword and Postgres LIKE is case-sensitive — emit
+		// LOWER(col) LIKE LOWER(?) so behavior is identical on both dialects.
+		lowerCol := string(v.formatter.LowerExpression(colExpr))
+		return newFragment(lowerCol+" "+opName(iLikeToLike(op))+" LOWER(?)", val)
+	case qbtypesv5.FilterOperatorContains, qbtypesv5.FilterOperatorNotContains:
+		val, ok := v.singleString(ctx, keyForErr)
+		if !ok {
+			return nil
+		}
+		return newFragment(colExpr+" "+opName(containsToLike(op))+" ?", "%"+escapeLike(val)+"%")
+	case qbtypesv5.FilterOperatorRegexp, qbtypesv5.FilterOperatorNotRegexp:
+		v.addErr("REGEXP filtering on %q is not yet supported", keyForErr)
+		return nil
+	case qbtypesv5.FilterOperatorIn, qbtypesv5.FilterOperatorNotIn:
+		vals, ok := v.stringList(ctx, keyForErr)
+		if !ok {
+			return nil
+		}
+		return inFragment(colExpr, op, vals)
+	}
+	v.addErr("operator %s on %q is not implemented", opName(op), keyForErr)
+	return nil
+}
+
+func (v *visitor) emitTimestampComparison(ctx *grammar.ComparisonContext, op qbtypesv5.FilterOperator, colExpr string) *fragment {
+	switch op {
+	case qbtypesv5.FilterOperatorEqual, qbtypesv5.FilterOperatorNotEqual,
+		qbtypesv5.FilterOperatorLessThan, qbtypesv5.FilterOperatorLessThanOrEq,
+		qbtypesv5.FilterOperatorGreaterThan, qbtypesv5.FilterOperatorGreaterThanOrEq:
+		t, ok := v.singleTimestamp(ctx)
+		if !ok {
+			return nil
+		}
+		return newFragment(colExpr+" "+opName(op)+" ?", t)
+	case qbtypesv5.FilterOperatorBetween, qbtypesv5.FilterOperatorNotBetween:
+		ts, ok := v.twoTimestamps(ctx)
+		if !ok {
+			return nil
+		}
+		return newFragment(colExpr+" "+opName(op)+" ? AND ?", ts[0], ts[1])
+	}
+	v.addErr("operator %s on timestamp is not implemented", opName(op))
+	return nil
+}
+
+func (v *visitor) emitBoolComparison(ctx *grammar.ComparisonContext, op qbtypesv5.FilterOperator, colExpr string) *fragment {
+	b, ok := v.singleBool(ctx)
+	if !ok {
+		return nil
+	}
+	return newFragment(colExpr+" "+opName(op)+" ?", b)
+}
+
+// emitPublicComparison renders `public = true|false` against the LEFT-joined
+// public_dashboard alias `pd`. The spec says public is a virtual column whose
+// truthiness is the existence of a row in public_dashboard.
+func (v *visitor) emitPublicComparison(ctx *grammar.ComparisonContext, op qbtypesv5.FilterOperator) *fragment {
+	b, ok := v.singleBool(ctx)
+	if !ok {
+		return nil
+	}
+	want := b
+	if op == qbtypesv5.FilterOperatorNotEqual {
+		want = !b
+	}
+	if want {
+		return newFragment("pd.id IS NOT NULL")
+	}
+	return newFragment("pd.id IS NULL")
+}
+
+// TODO: drop the extra quotes once coretypes.Kind stops being double-encoded
+// in the tag_relation.kind column.
+const tagSubqueryPrefix = "SELECT 1 FROM tag_relation tr JOIN tag t ON t.id = tr.tag_id " +
+	`WHERE tr.kind = '"dashboard"' AND tr.resource_id = dashboard.id ` +
+	"AND LOWER(t.key) = LOWER(?)"
+
+// emitTagComparison wraps the inner predicate in EXISTS (or NOT EXISTS for the
+// negated operators). The inner predicate matches the tag's key
+// case-insensitively and applies the user's operator to the tag's value.
+// EXISTS / NOT EXISTS skip the value predicate — they assert the existence
+// (or absence) of any tag with the given key.
+func (v *visitor) emitTagComparison(ctx *grammar.ComparisonContext, op qbtypesv5.FilterOperator, key string) *fragment {
+	if op == qbtypesv5.FilterOperatorExists || op == qbtypesv5.FilterOperatorNotExists {
+		wrapper := "EXISTS"
+		if op == qbtypesv5.FilterOperatorNotExists {
+			wrapper = "NOT EXISTS"
+		}
+		return newFragment(wrapper+" ("+tagSubqueryPrefix+")", key)
+	}
+
+	// All other tag operators take the positive form of the value predicate
+	// and toggle the EXISTS wrapper for negation. Inverse() flips Not<X> → <X>.
+	negated := op.IsNegativeOperator()
+	posOp := op
+	if negated {
+		posOp = op.Inverse()
+	}
+	inner := v.emitStringOp(ctx, posOp, "t.value", key)
+	if inner == nil {
+		return nil
+	}
+	wrapper := "EXISTS"
+	if negated {
+		wrapper = "NOT EXISTS"
+	}
+	args := append([]any{key}, inner.args...)
+	return newFragment(wrapper+" ("+tagSubqueryPrefix+" AND "+inner.sql+")", args...)
+}
+
+// ─── value extraction helpers ───────────────────────────────────────────────
+
+func (v *visitor) addErr(format string, args ...any) {
+	v.errors = append(v.errors, fmt.Sprintf(format, args...))
+}
+
+func (v *visitor) singleString(ctx *grammar.ComparisonContext, keyForErr string) (string, bool) {
+	values := ctx.AllValue()
+	if len(values) != 1 {
+		v.addErr("expected exactly one value for %q", keyForErr)
+		return "", false
+	}
+	return v.stringValue(values[0], keyForErr)
+}
+
+func (v *visitor) singleBool(ctx *grammar.ComparisonContext) (bool, bool) {
+	values := ctx.AllValue()
+	if len(values) != 1 {
+		v.addErr("expected a single boolean (true/false)")
+		return false, false
+	}
+	return v.boolValue(values[0])
+}
+
+func (v *visitor) singleTimestamp(ctx *grammar.ComparisonContext) (time.Time, bool) {
+	values := ctx.AllValue()
+	if len(values) != 1 {
+		v.addErr("expected a single RFC3339 timestamp")
+		return time.Time{}, false
+	}
+	return v.timestampValue(values[0])
+}
+
+func (v *visitor) twoTimestamps(ctx *grammar.ComparisonContext) ([2]time.Time, bool) {
+	values := ctx.AllValue()
+	if len(values) != 2 {
+		v.addErr("BETWEEN expects two RFC3339 timestamps")
+		return [2]time.Time{}, false
+	}
+	a, ok1 := v.timestampValue(values[0])
+	b, ok2 := v.timestampValue(values[1])
+	if !ok1 || !ok2 {
+		return [2]time.Time{}, false
+	}
+	return [2]time.Time{a, b}, true
+}
+
+func (v *visitor) stringList(ctx *grammar.ComparisonContext, keyForErr string) ([]string, bool) {
+	var valuesCtx []grammar.IValueContext
+	switch {
+	case ctx.InClause() != nil:
+		ic := ctx.InClause()
+		if ic.ValueList() != nil {
+			valuesCtx = ic.ValueList().AllValue()
+		} else {
+			valuesCtx = []grammar.IValueContext{ic.Value()}
+		}
+	case ctx.NotInClause() != nil:
+		nc := ctx.NotInClause()
+		if nc.ValueList() != nil {
+			valuesCtx = nc.ValueList().AllValue()
+		} else {
+			valuesCtx = []grammar.IValueContext{nc.Value()}
+		}
+	default:
+		v.addErr("IN clause is missing for %q", keyForErr)
+		return nil, false
+	}
+	if len(valuesCtx) == 0 {
+		v.addErr("IN list for %q is empty", keyForErr)
+		return nil, false
+	}
+	out := make([]string, 0, len(valuesCtx))
+	for _, vc := range valuesCtx {
+		s, ok := v.stringValue(vc, keyForErr)
+		if !ok {
+			return nil, false
+		}
+		out = append(out, s)
+	}
+	return out, true
+}
+
+func (v *visitor) stringValue(ctx grammar.IValueContext, keyForErr string) (string, bool) {
+	if ctx.QUOTED_TEXT() != nil {
+		return trimQuotes(ctx.QUOTED_TEXT().GetText()), true
+	}
+	if ctx.KEY() != nil {
+		// Bare tokens are accepted as strings, mirroring the FilterQuery lexer's
+		// treatment of unquoted identifiers on the value side.
+		return ctx.KEY().GetText(), true
+	}
+	v.addErr("expected a string value for %q, got %q", keyForErr, ctx.GetText())
+	return "", false
+}
+
+func (v *visitor) boolValue(ctx grammar.IValueContext) (bool, bool) {
+	if ctx.BOOL() == nil {
+		v.addErr("expected a boolean (true/false), got %q", ctx.GetText())
+		return false, false
+	}
+	return strings.EqualFold(ctx.BOOL().GetText(), "true"), true
+}
+
+func (v *visitor) timestampValue(ctx grammar.IValueContext) (time.Time, bool) {
+	if ctx.QUOTED_TEXT() == nil {
+		v.addErr("expected an RFC3339 timestamp string, got %q", ctx.GetText())
+		return time.Time{}, false
+	}
+	raw := trimQuotes(ctx.QUOTED_TEXT().GetText())
+	t, err := time.Parse(time.RFC3339, raw)
+	if err != nil {
+		v.addErr("invalid RFC3339 timestamp %q: %s", raw, err.Error())
+		return time.Time{}, false
+	}
+	return t, true
+}
+
+// ─── fragment helpers ────────────────────────────────────────────────────────
+
+func joinFragments(frags []*fragment, conn string) *fragment {
+	if len(frags) == 0 {
+		return nil
+	}
+	if len(frags) == 1 {
+		return frags[0]
+	}
+	parts := make([]string, len(frags))
+	args := make([]any, 0)
+	for i, f := range frags {
+		parts[i] = f.sql
+		args = append(args, f.args...)
+	}
+	return newFragment(strings.Join(parts, " "+conn+" "), args...)
+}
+
+func inFragment(colExpr string, op qbtypesv5.FilterOperator, vals []string) *fragment {
+	placeholders := strings.Repeat("?, ", len(vals))
+	placeholders = placeholders[:len(placeholders)-2]
+	args := make([]any, len(vals))
+	for i, s := range vals {
+		args[i] = s
+	}
+	return newFragment(colExpr+" "+opName(op)+" ("+placeholders+")", args...)
+}
+
+// opName returns the user-facing spelling of a FilterOperator. For the
+// operators we emit directly into SQL (=, !=, <, LIKE, IN, BETWEEN, …) the
+// spelling doubles as the SQL keyword. For the operators we don't emit
+// directly (ILIKE, CONTAINS, REGEXP, EXISTS, NOT EXISTS) it's only used in
+// error messages.
+func opName(op qbtypesv5.FilterOperator) string {
+	switch op {
+	case qbtypesv5.FilterOperatorEqual:
+		return "="
+	case qbtypesv5.FilterOperatorNotEqual:
+		return "!="
+	case qbtypesv5.FilterOperatorLessThan:
+		return "<"
+	case qbtypesv5.FilterOperatorLessThanOrEq:
+		return "<="
+	case qbtypesv5.FilterOperatorGreaterThan:
+		return ">"
+	case qbtypesv5.FilterOperatorGreaterThanOrEq:
+		return ">="
+	case qbtypesv5.FilterOperatorBetween:
+		return "BETWEEN"
+	case qbtypesv5.FilterOperatorNotBetween:
+		return "NOT BETWEEN"
+	case qbtypesv5.FilterOperatorLike:
+		return "LIKE"
+	case qbtypesv5.FilterOperatorNotLike:
+		return "NOT LIKE"
+	case qbtypesv5.FilterOperatorILike:
+		return "ILIKE"
+	case qbtypesv5.FilterOperatorNotILike:
+		return "NOT ILIKE"
+	case qbtypesv5.FilterOperatorContains:
+		return "CONTAINS"
+	case qbtypesv5.FilterOperatorNotContains:
+		return "NOT CONTAINS"
+	case qbtypesv5.FilterOperatorRegexp:
+		return "REGEXP"
+	case qbtypesv5.FilterOperatorNotRegexp:
+		return "NOT REGEXP"
+	case qbtypesv5.FilterOperatorIn:
+		return "IN"
+	case qbtypesv5.FilterOperatorNotIn:
+		return "NOT IN"
+	case qbtypesv5.FilterOperatorExists:
+		return "EXISTS"
+	case qbtypesv5.FilterOperatorNotExists:
+		return "NOT EXISTS"
+	}
+	return "?"
+}
+
+// iLikeToLike maps ILIKE → LIKE for the LOWER(col) LIKE LOWER(?) emission.
+func iLikeToLike(op qbtypesv5.FilterOperator) qbtypesv5.FilterOperator {
+	if op == qbtypesv5.FilterOperatorNotILike {
+		return qbtypesv5.FilterOperatorNotLike
+	}
+	return qbtypesv5.FilterOperatorLike
+}
+
+// containsToLike maps CONTAINS → LIKE for the LIKE '%val%' emission.
+func containsToLike(op qbtypesv5.FilterOperator) qbtypesv5.FilterOperator {
+	if op == qbtypesv5.FilterOperatorNotContains {
+		return qbtypesv5.FilterOperatorNotLike
+	}
+	return qbtypesv5.FilterOperatorLike
+}
+
+// escapeLike escapes the LIKE meta-characters % and _ in user input so that a
+// CONTAINS query of `50%` doesn't match every value containing `50`.
+func escapeLike(s string) string {
+	r := strings.NewReplacer(`\`, `\\`, `%`, `\%`, `_`, `\_`)
+	return r.Replace(s)
+}
+
+func trimQuotes(s string) string {
+	if len(s) >= 2 {
+		if (s[0] == '"' && s[len(s)-1] == '"') || (s[0] == '\'' && s[len(s)-1] == '\'') {
+			s = s[1 : len(s)-1]
+		}
+	}
+	s = strings.ReplaceAll(s, `\\`, `\`)
+	s = strings.ReplaceAll(s, `\'`, `'`)
+	return s
+}

pkg/types/dashboardtypes/perses_dashboard.go

@@ -32,6 +32,7 @@ const (
 	DSLKeyCreatedBy   DSLKey = "created_by"
 	DSLKeyLocked      DSLKey = "locked"
 	DSLKeyPublic      DSLKey = "public"
+	DSLKeySource      DSLKey = "source"
 )
 
 // reservedDSLKeys are dashboard column-level filter names in the list-query DSL.
@@ -45,6 +46,7 @@ var reservedDSLKeys = map[DSLKey]struct{}{
 	DSLKeyCreatedBy:   {},
 	DSLKeyLocked:      {},
 	DSLKeyPublic:      {},
+	DSLKeySource:      {},
 }
 
 type DashboardV2 struct {
@@ -62,6 +64,54 @@ type DashboardV2 struct {
 	Spec DashboardSpec   `json:"spec" required:"true"`
 }
 
+func (d *DashboardV2) CanUpdate() error {
+	if d.Source == SourceIntegration {
+		return errors.Newf(errors.TypeInvalidInput, ErrCodeDashboardImmutable, "integration dashboards cannot be modified")
+	}
+	if d.Locked {
+		return errors.Newf(errors.TypeInvalidInput, errors.CodeInvalidInput, "cannot update a locked dashboard, please unlock the dashboard to update")
+	}
+	return nil
+}
+
+func (d *DashboardV2) Update(updatable UpdatableDashboardV2, updatedBy string, resolvedTags []*tagtypes.Tag) error {
+	if err := d.CanUpdate(); err != nil {
+		return err
+	}
+	if updatable.Name != d.Name {
+		return errors.NewInvalidInputf(ErrCodeDashboardImmutable, "name is immutable; cannot change from %q to %q", d.Name, updatable.Name)
+	}
+	d.DashboardV2MetadataBase = updatable.DashboardV2MetadataBase
+	d.Tags = resolvedTags
+	d.Spec = updatable.Spec
+	d.UpdatedBy = updatedBy
+	d.UpdatedAt = time.Now()
+	return nil
+}
+
+func (d *DashboardV2) CanLockUnlock(isAdmin bool, updatedBy string) error {
+	if d.Source == SourceIntegration {
+		return errors.Newf(errors.TypeInvalidInput, ErrCodeDashboardImmutable, "integration dashboards cannot be locked or unlocked")
+	}
+	if d.Source == SourceSystem {
+		return errors.Newf(errors.TypeInvalidInput, ErrCodeDashboardImmutable, "system dashboards cannot be locked or unlocked")
+	}
+	if d.CreatedBy != updatedBy && !isAdmin {
+		return errors.Newf(errors.TypeForbidden, errors.CodeForbidden, "you are not authorized to lock/unlock this dashboard")
+	}
+	return nil
+}
+
+func (d *DashboardV2) LockUnlock(lock bool, isAdmin bool, updatedBy string) error {
+	if err := d.CanLockUnlock(isAdmin, updatedBy); err != nil {
+		return err
+	}
+	d.Locked = lock
+	d.UpdatedBy = updatedBy
+	d.UpdatedAt = time.Now()
+	return nil
+}
+
 type DashboardV2MetadataBase struct {
 	SchemaVersion string `json:"schemaVersion" required:"true"`
 	Image         string `json:"image,omitempty"`
@@ -126,7 +176,7 @@ func (p *PostableDashboardV2) Validate() error {
 	if err := p.validateName(); err != nil {
 		return err
 	}
-	if err := p.validateTags(); err != nil {
+	if err := validateDashboardTags(p.Tags); err != nil {
 		return err
 	}
 	return p.Spec.Validate()
@@ -193,11 +243,11 @@ func generateDashboardName(displayName string) string {
 	return prefix + "-" + string(suffix)
 }
 
-func (p *PostableDashboardV2) validateTags() error {
-	if len(p.Tags) > MaxTagsPerDashboard {
+func validateDashboardTags(tags []tagtypes.PostableTag) error {
+	if len(tags) > MaxTagsPerDashboard {
 		return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "a dashboard can have at most %d tags", MaxTagsPerDashboard)
 	}
-	for _, tag := range p.Tags {
+	for _, tag := range tags {
 		if _, reserved := reservedDSLKeys[DSLKey(strings.ToLower(strings.TrimSpace(tag.Key)))]; reserved {
 			return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "tag key %q is reserved", tag.Key)
 		}
@@ -263,6 +313,57 @@ func (s StorableDashboardV2Data) toStorableDashboardData() (StorableDashboardDat
 
 type StorableDashboardV2Metadata = DashboardV2MetadataBase
 
+// ════════════════════════════════════════════════════════════════════════
+// Updatable
+// ════════════════════════════════════════════════════════════════════════
+
+type UpdatableDashboardV2 struct {
+	DashboardV2MetadataBase
+	Name string                 `json:"name" required:"true"`
+	Tags []tagtypes.PostableTag `json:"tags" required:"true"`
+	Spec DashboardSpec          `json:"spec" required:"true"`
+}
+
+func (u *UpdatableDashboardV2) UnmarshalJSON(data []byte) error {
+	dec := json.NewDecoder(bytes.NewReader(data))
+	dec.DisallowUnknownFields()
+	type alias UpdatableDashboardV2
+	var tmp alias
+	if err := dec.Decode(&tmp); err != nil {
+		return errors.WrapInvalidInputf(err, ErrCodeDashboardInvalidInput, "%s", err.Error())
+	}
+	*u = UpdatableDashboardV2(tmp)
+	if u.Spec.Display == nil {
+		u.Spec.Display = &common.Display{}
+	}
+	if u.Spec.Display.Name == "" {
+		u.Spec.Display.Name = u.Name
+	}
+	return u.Validate()
+}
+
+func (u *UpdatableDashboardV2) Validate() error {
+	if u.SchemaVersion != SchemaVersion {
+		return errors.NewInvalidInputf(ErrCodeDashboardInvalidInput, "schemaVersion must be %q, got %q", SchemaVersion, u.SchemaVersion)
+	}
+	if err := validateDashboardName(u.Name); err != nil {
+		return err
+	}
+	if err := validateDashboardTags(u.Tags); err != nil {
+		return err
+	}
+	return u.Spec.Validate()
+}
+
+func (d DashboardV2) toUpdatableDashboardV2() UpdatableDashboardV2 {
+	return UpdatableDashboardV2{
+		DashboardV2MetadataBase: d.DashboardV2MetadataBase,
+		Name:                    d.Name,
+		Tags:                    tagtypes.NewPostableTagsFromTags(d.Tags),
+		Spec:                    d.Spec,
+	}
+}
+
 // ════════════════════════════════════════════════════════════════════════
 // Convertors
 // ════════════════════════════════════════════════════════════════════════

pkg/types/dashboardtypes/perses_dashboard_patch.go

@@ -0,0 +1,83 @@
+package dashboardtypes
+
+import (
+	"encoding/json"
+
+	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/valuer"
+	jsonpatch "github.com/evanphx/json-patch/v5"
+	"github.com/swaggest/jsonschema-go"
+)
+
+// PatchableDashboardV2 is an RFC 6902 patch request.
+type PatchableDashboardV2 struct {
+	// Ops shapes the OpenAPI schema; tagged so swaggest reflects it.
+	Ops []JSONPatchOperation `json:"ops"`
+	// patch holds the decoded payload, set by UnmarshalJSON.
+	patch jsonpatch.Patch
+}
+
+// PrepareJSONSchema collapses the struct's object schema into the bare ops array.
+func (PatchableDashboardV2) PrepareJSONSchema(s *jsonschema.Schema) error {
+	// Called on several passes; only the one with built properties carries `ops`.
+	ops, ok := s.Properties["ops"]
+	if !ok || ops.TypeObject == nil {
+		return nil
+	}
+	*s = *ops.TypeObject
+	return nil
+}
+
+type JSONPatchOperation struct {
+	Op   PatchOp `json:"op" required:"true"`
+	Path string  `json:"path" required:"true" description:"JSON Pointer (RFC 6901) into the dashboard's postable shape — e.g. /spec/display/name, /spec/panels/<id>, /spec/panels/<id>/spec/queries/0, /tags/-."`
+	// `value` is required for add/replace/test.
+	Value any `json:"value,omitempty" description:"Value to add/replace/test against. The expected type depends on the path. Common shapes (see referenced schemas for the exact field set): /spec/panels/<id> takes a DashboardtypesPanel; /spec/panels/<id>/spec/queries/N (or /-) takes a DashboardtypesQuery; /spec/variables/N takes a DashboardtypesVariable; /spec/layouts/N takes a DashboardtypesLayout; /tags/N (or /-) takes a TagtypesPostableTag; /spec/display/name and other leaf string fields take a string. Required for add/replace/test; ignored for remove/move/copy."`
+	// `from` is required for move/copy.
+	From string `json:"from,omitempty" description:"Source JSON Pointer for move/copy ops; ignored for other ops."`
+}
+
+// PatchOp covers the six RFC 6902 JSON Patch verbs.
+type PatchOp struct{ valuer.String }
+
+var (
+	PatchOpAdd     = PatchOp{valuer.NewString("add")}
+	PatchOpRemove  = PatchOp{valuer.NewString("remove")}
+	PatchOpReplace = PatchOp{valuer.NewString("replace")}
+	PatchOpMove    = PatchOp{valuer.NewString("move")}
+	PatchOpCopy    = PatchOp{valuer.NewString("copy")}
+	PatchOpTest    = PatchOp{valuer.NewString("test")}
+)
+
+func (PatchOp) Enum() []any {
+	return []any{PatchOpAdd, PatchOpRemove, PatchOpReplace, PatchOpMove, PatchOpCopy, PatchOpTest}
+}
+
+func (p *PatchableDashboardV2) UnmarshalJSON(data []byte) error {
+	patch, err := jsonpatch.DecodePatch(data)
+	if err != nil {
+		return errors.New(errors.TypeInvalidInput, ErrCodeDashboardInvalidPatch, "request body is not a valid RFC 6902 JSON Patch document").WithAdditional(err.Error())
+	}
+	if err := json.Unmarshal(data, &p.Ops); err != nil {
+		return errors.New(errors.TypeInvalidInput, ErrCodeDashboardInvalidPatch, "request body is not a valid RFC 6902 JSON Patch document").WithAdditional(err.Error())
+	}
+	p.patch = patch
+	return nil
+}
+
+func (p PatchableDashboardV2) Apply(existing *DashboardV2) (*UpdatableDashboardV2, error) {
+	existingAsUpdatable := existing.toUpdatableDashboardV2()
+	raw, err := json.Marshal(existingAsUpdatable)
+	if err != nil {
+		return nil, errors.WrapInternalf(err, errors.CodeInternal, "marshal existing dashboard for patch")
+	}
+	patched, err := p.patch.ApplyWithOptions(raw, &jsonpatch.ApplyOptions{AllowMissingPathOnRemove: true, EnsurePathExistsOnAdd: true})
+	if err != nil {
+		return nil, errors.Wrap(err, errors.TypeInvalidInput, ErrCodeDashboardInvalidPatch, "JSON Patch could not be applied to the target dashboard")
+	}
+	out := &UpdatableDashboardV2{}
+	if err := json.Unmarshal(patched, out); err != nil {
+		return nil, err
+	}
+	return out, nil
+}

pkg/types/dashboardtypes/perses_dashboard_patch_test.go

@@ -0,0 +1,569 @@
+package dashboardtypes
+
+import (
+	"encoding/json"
+	"strings"
+	"testing"
+
+	"github.com/SigNoz/signoz/pkg/types/tagtypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+// basePostableJSON is the postable shape of a small but realistic v2
+// dashboard used as the base document for patch tests. Each panel carries
+// one builder query in the same shape production dashboards use
+// (aggregations, filter, groupBy populated), and the dashboard has one
+// variable — the variable is not patched in any test here, that's
+// covered in a separate variable-focused suite.
+const basePostableJSON = `{
+	"schemaVersion": "v6",
+	"name": "service-overview",
+	"tags": [{"key": "team", "value": "alpha"}, {"key": "env", "value": "prod"}],
+	"spec": {
+		"display": {"name": "Service overview"},
+		"variables": [
+			{
+				"kind": "ListVariable",
+				"spec": {
+					"name": "service",
+					"allowAllValue": true,
+					"allowMultiple": false,
+					"plugin": {
+						"kind": "signoz/DynamicVariable",
+						"spec": {"name": "service.name", "signal": "metrics"}
+					}
+				}
+			}
+		],
+		"panels": {
+			"p1": {
+				"kind": "Panel",
+				"spec": {
+					"plugin": {"kind": "signoz/TimeSeriesPanel", "spec": {}},
+					"queries": [
+						{
+							"kind": "TimeSeriesQuery",
+							"spec": {"plugin": {"kind": "signoz/BuilderQuery", "spec": {
+								"name": "A",
+								"signal": "metrics",
+								"aggregations": [{
+									"metricName": "signoz_calls_total",
+									"temporality": "cumulative",
+									"timeAggregation": "rate",
+									"spaceAggregation": "sum"
+								}],
+								"filter": {"expression": "service.name IN $service"},
+								"groupBy": [{"name": "service.name", "fieldDataType": "string", "fieldContext": "tag"}]
+							}}}
+						}
+					]
+				}
+			},
+			"p2": {
+				"kind": "Panel",
+				"spec": {
+					"plugin": {"kind": "signoz/NumberPanel", "spec": {}},
+					"queries": [
+						{
+							"kind": "TimeSeriesQuery",
+							"spec": {"plugin": {"kind": "signoz/BuilderQuery", "spec": {
+								"name": "X",
+								"signal": "metrics",
+								"aggregations": [{
+									"metricName": "signoz_latency_count",
+									"temporality": "cumulative",
+									"timeAggregation": "rate",
+									"spaceAggregation": "sum"
+								}]
+							}}}
+						}
+					]
+				}
+			}
+		},
+		"layouts": [
+			{
+				"kind": "Grid",
+				"spec": {
+					"display": {"title": "Row 1"},
+					"items": [
+						{"x": 0, "y": 0, "width": 6, "height": 6, "content": {"$ref": "#/spec/panels/p1"}},
+						{"x": 6, "y": 0, "width": 6, "height": 6, "content": {"$ref": "#/spec/panels/p2"}}
+					]
+				}
+			}
+		],
+		"duration": "1h"
+	}
+}`
+
+func TestPatchableDashboardV2_Apply(t *testing.T) {
+	// Apply doesn't mutate the input *DashboardV2 — it marshals it to
+	// JSON, applies the patch, and unmarshals the result into a fresh
+	// struct. Sharing one base across subtests is safe.
+	var p PostableDashboardV2
+	require.NoError(t, json.Unmarshal([]byte(basePostableJSON), &p), "base postable JSON must validate")
+	testOrgID := valuer.GenerateUUID()
+	base := p.NewDashboardV2(testOrgID, "somecreatedthisiguess@signoz.io", SourceUser)
+	base.Tags = []*tagtypes.Tag{
+		{Key: "team", Value: "alpha"},
+		{Key: "env", Value: "prod"},
+	}
+
+	decode := func(t *testing.T, body string) PatchableDashboardV2 {
+		t.Helper()
+		var patch PatchableDashboardV2
+		require.NoError(t, json.Unmarshal([]byte(body), &patch))
+		return patch
+	}
+
+	// jsonOf marshals the patched dashboard back to JSON so subtests can
+	// assert on field values without reaching into the typed plugin specs.
+	jsonOf := func(t *testing.T, out *UpdatableDashboardV2) string {
+		t.Helper()
+		raw, err := json.Marshal(out)
+		require.NoError(t, err)
+		return string(raw)
+	}
+
+	// ─────────────────────────────────────────────────────────────────
+	// Successful patches
+	// ─────────────────────────────────────────────────────────────────
+
+	t.Run("no-op preserves all fields", func(t *testing.T) {
+		out, err := decode(t, `[]`).Apply(base)
+		require.NoError(t, err)
+		assert.Equal(t, base.DashboardV2MetadataBase, out.DashboardV2MetadataBase)
+		assert.Equal(t, tagtypes.NewPostableTagsFromTags(base.Tags), out.Tags)
+		assert.Equal(t, base.Spec.Display.Name, out.Spec.Display.Name)
+		require.Equal(t, len(base.Spec.Panels), len(out.Spec.Panels))
+		for k, panel := range base.Spec.Panels {
+			require.Contains(t, out.Spec.Panels, k)
+			assert.Equal(t, panel.Spec.Plugin.Kind, out.Spec.Panels[k].Spec.Plugin.Kind)
+		}
+		assert.Len(t, out.Tags, len(base.Tags))
+		assert.Len(t, out.Spec.Variables, len(base.Spec.Variables))
+		assert.Len(t, out.Spec.Layouts, len(base.Spec.Layouts))
+	})
+
+	t.Run("add metadata image", func(t *testing.T) {
+		out, err := decode(t, `[{"op": "add", "path": "/image", "value": "https://example.com/img.png"}]`).Apply(base)
+		require.NoError(t, err)
+		assert.Equal(t, "https://example.com/img.png", out.Image)
+		assert.Equal(t, SchemaVersion, out.SchemaVersion, "schemaVersion preserved")
+	})
+
+	t.Run("replace display name", func(t *testing.T) {
+		out, err := decode(t, `[{"op": "replace", "path": "/spec/display/name", "value": "Renamed"}]`).Apply(base)
+		require.NoError(t, err)
+		assert.Equal(t, "Renamed", out.Spec.Display.Name)
+	})
+
+	// Per RFC 6902 § 4.1, `add` on an existing object member replaces the
+	// existing value rather than erroring — same effect as `replace`.
+	t.Run("add overwrites existing display name", func(t *testing.T) {
+		out, err := decode(t, `[{"op": "add", "path": "/spec/display/name", "value": "Overwritten"}]`).Apply(base)
+		require.NoError(t, err)
+		assert.Equal(t, "Overwritten", out.Spec.Display.Name)
+	})
+
+	t.Run("add data refreshInterval", func(t *testing.T) {
+		out, err := decode(t, `[{"op": "add", "path": "/spec/refreshInterval", "value": "30s"}]`).Apply(base)
+		require.NoError(t, err)
+		assert.Equal(t, "30s", string(out.Spec.RefreshInterval))
+	})
+
+	t.Run("add panel leaves others untouched", func(t *testing.T) {
+		out, err := decode(t, `[{
+			"op": "add",
+			"path": "/spec/panels/p3",
+			"value": {
+				"kind": "Panel",
+				"spec": {
+					"plugin": {"kind": "signoz/TablePanel", "spec": {}},
+					"queries": [{
+						"kind": "TimeSeriesQuery",
+						"spec": {"plugin": {"kind": "signoz/BuilderQuery", "spec": {
+							"name": "A",
+							"signal": "logs",
+							"aggregations": [{"expression": "count()"}]
+						}}}
+					}]
+				}
+			}
+		}]`).Apply(base)
+		require.NoError(t, err)
+		assert.Len(t, out.Spec.Panels, 3)
+		assert.Contains(t, out.Spec.Panels, "p3")
+		// Plugin specs round-trip through MarshalJSON which resolves defaults
+		// (e.g. timePreference → "global_time"), so compare the serialized
+		// shape rather than the in-memory structs to skip that normalization.
+		for _, id := range []string{"p1", "p2"} {
+			wantJSON, err := json.Marshal(base.Spec.Panels[id])
+			require.NoError(t, err)
+			gotJSON, err := json.Marshal(out.Spec.Panels[id])
+			require.NoError(t, err)
+			assert.JSONEq(t, string(wantJSON), string(gotJSON), "panel %s untouched", id)
+		}
+	})
+
+	t.Run("replace single panel", func(t *testing.T) {
+		out, err := decode(t, `[{
+			"op": "replace",
+			"path": "/spec/panels/p2",
+			"value": {
+				"kind": "Panel",
+				"spec": {
+					"plugin": {"kind": "signoz/BarChartPanel", "spec": {}},
+					"queries": [{
+						"kind": "TimeSeriesQuery",
+						"spec": {"plugin": {"kind": "signoz/BuilderQuery", "spec": {
+							"name": "A",
+							"signal": "metrics",
+							"aggregations": [{
+								"metricName": "signoz_calls_total",
+								"temporality": "cumulative",
+								"timeAggregation": "rate",
+								"spaceAggregation": "sum"
+							}]
+						}}}
+					}]
+				}
+			}
+		}]`).Apply(base)
+		require.NoError(t, err)
+		assert.Equal(t, PanelPluginKind("signoz/BarChartPanel"), out.Spec.Panels["p2"].Spec.Plugin.Kind)
+		assert.Equal(t, PanelPluginKind("signoz/TimeSeriesPanel"), out.Spec.Panels["p1"].Spec.Plugin.Kind, "p1 untouched")
+	})
+
+	// Removing a panel realistically also drops its layout item — exercise
+	// the multi-op shape the UI sends.
+	t.Run("remove panel and its layout item", func(t *testing.T) {
+		out, err := decode(t, `[
+			{"op": "remove", "path": "/spec/panels/p2"},
+			{"op": "remove", "path": "/spec/layouts/0/spec/items/1"}
+		]`).Apply(base)
+		require.NoError(t, err)
+		assert.Len(t, out.Spec.Panels, 1)
+		assert.Contains(t, out.Spec.Panels, "p1")
+		assert.NotContains(t, out.Spec.Panels, "p2")
+		raw := jsonOf(t, out)
+		assert.NotContains(t, raw, `"$ref":"#/spec/panels/p2"`)
+		assert.Contains(t, raw, `"$ref":"#/spec/panels/p1"`)
+	})
+
+	// The headline use case: edit a single field of a single query inside
+	// one panel without re-sending any other part of the dashboard.
+	t.Run("rename single query inside panel", func(t *testing.T) {
+		out, err := decode(t, `[{
+			"op": "replace",
+			"path": "/spec/panels/p1/spec/queries/0/spec/plugin/spec/name",
+			"value": "renamed"
+		}]`).Apply(base)
+		require.NoError(t, err)
+
+		require.Len(t, out.Spec.Panels["p1"].Spec.Queries, 1)
+		assert.Contains(t, jsonOf(t, out), `"name":"renamed"`)
+	})
+
+	// Replace a query at a specific index — swaps query "A" out for "B"
+	// without re-sending the rest of the panel.
+	t.Run("replace query at index", func(t *testing.T) {
+		out, err := decode(t, `[{
+			"op": "replace",
+			"path": "/spec/panels/p1/spec/queries/0",
+			"value": {
+				"kind": "TimeSeriesQuery",
+				"spec": {"plugin": {"kind": "signoz/BuilderQuery", "spec": {
+					"name": "B",
+					"signal": "metrics",
+					"aggregations": [{
+						"metricName": "signoz_db_calls_total",
+						"temporality": "cumulative",
+						"timeAggregation": "rate",
+						"spaceAggregation": "sum"
+					}]
+				}}}
+			}
+		}]`).Apply(base)
+		require.NoError(t, err)
+		require.Len(t, out.Spec.Panels["p1"].Spec.Queries, 1)
+		raw := jsonOf(t, out)
+		assert.Contains(t, raw, `"name":"B"`)
+		assert.NotContains(t, raw, `"name":"A"`)
+	})
+
+	// ─────────────────────────────────────────────────────────────────
+	// Layout edits
+	// ─────────────────────────────────────────────────────────────────
+
+	t.Run("move panel by editing layout x coordinate", func(t *testing.T) {
+		out, err := decode(t, `[{"op": "replace", "path": "/spec/layouts/0/spec/items/0/x", "value": 6}]`).Apply(base)
+		require.NoError(t, err)
+		raw := jsonOf(t, out)
+		// The first item used to live at x=0, now lives at x=6.
+		assert.Contains(t, raw, `"x":6,"y":0,"width":6,"height":6,"content":{"$ref":"#/spec/panels/p1"}`)
+	})
+
+	t.Run("resize panel by editing layout width", func(t *testing.T) {
+		out, err := decode(t, `[{"op": "replace", "path": "/spec/layouts/0/spec/items/0/width", "value": 12}]`).Apply(base)
+		require.NoError(t, err)
+		raw := jsonOf(t, out)
+		assert.Contains(t, raw, `"width":12`)
+	})
+
+	t.Run("rename layout row title", func(t *testing.T) {
+		out, err := decode(t, `[{"op": "replace", "path": "/spec/layouts/0/spec/display/title", "value": "Latency"}]`).Apply(base)
+		require.NoError(t, err)
+		assert.Contains(t, jsonOf(t, out), `"title":"Latency"`)
+	})
+
+	t.Run("append layout item", func(t *testing.T) {
+		out, err := decode(t, `[{
+			"op": "add",
+			"path": "/spec/layouts/0/spec/items/-",
+			"value": {"x": 0, "y": 6, "width": 12, "height": 6, "content": {"$ref": "#/spec/panels/p1"}}
+		}]`).Apply(base)
+		require.NoError(t, err)
+		// Item count went 2 → 3.
+		raw := jsonOf(t, out)
+		assert.Equal(t, 3, strings.Count(raw, `"$ref":"#/spec/panels/`))
+	})
+
+	// Composing add-panel + add-layout-item is the realistic shape of the
+	// "add a new chart to my dashboard" UI flow — exercise it end-to-end.
+	t.Run("add panel and corresponding layout item", func(t *testing.T) {
+		out, err := decode(t, `[
+			{
+				"op": "add",
+				"path": "/spec/panels/p3",
+				"value": {
+					"kind": "Panel",
+					"spec": {
+						"plugin": {"kind": "signoz/TablePanel", "spec": {}},
+						"queries": [{
+							"kind": "TimeSeriesQuery",
+							"spec": {"plugin": {"kind": "signoz/BuilderQuery", "spec": {
+								"name": "A",
+								"signal": "logs",
+								"aggregations": [{"expression": "count()"}]
+							}}}
+						}]
+					}
+				}
+			},
+			{
+				"op": "add",
+				"path": "/spec/layouts/0/spec/items/-",
+				"value": {"x": 0, "y": 6, "width": 12, "height": 6, "content": {"$ref": "#/spec/panels/p3"}}
+			}
+		]`).Apply(base)
+		require.NoError(t, err)
+		assert.Len(t, out.Spec.Panels, 3)
+		raw := jsonOf(t, out)
+		assert.Contains(t, raw, `"$ref":"#/spec/panels/p3"`)
+	})
+
+	t.Run("append tag", func(t *testing.T) {
+		out, err := decode(t, `[{"op": "add", "path": "/tags/-", "value": {"key": "env", "value": "staging"}}]`).Apply(base)
+		require.NoError(t, err)
+		require.Len(t, out.Tags, 3)
+		assert.Equal(t, "env", out.Tags[2].Key)
+		assert.Equal(t, "staging", out.Tags[2].Value)
+	})
+
+	t.Run("append tag when none exist", func(t *testing.T) {
+		noTagsBase := &DashboardV2{
+			DashboardV2MetadataBase: base.DashboardV2MetadataBase,
+			Name:                    base.Name,
+			Tags:                    nil,
+			Spec:                    base.Spec,
+		}
+		out, err := decode(t, `[{"op": "add", "path": "/tags/-", "value": {"key": "team", "value": "new"}}]`).Apply(noTagsBase)
+		require.NoError(t, err)
+		require.Len(t, out.Tags, 1)
+		assert.Equal(t, "team", out.Tags[0].Key)
+		assert.Equal(t, "new", out.Tags[0].Value)
+	})
+
+	t.Run("replace tag value", func(t *testing.T) {
+		out, err := decode(t, `[{"op": "replace", "path": "/tags/0/value", "value": "beta"}]`).Apply(base)
+		require.NoError(t, err)
+		require.Len(t, out.Tags, 2)
+		assert.Equal(t, "team", out.Tags[0].Key)
+		assert.Equal(t, "beta", out.Tags[0].Value)
+		assert.Equal(t, "env", out.Tags[1].Key, "tag at index 1 untouched")
+		assert.Equal(t, "prod", out.Tags[1].Value, "tag at index 1 untouched")
+		for _, tag := range out.Tags {
+			assert.NotEqual(t, "alpha", tag.Value, "old tag value must be gone")
+		}
+	})
+
+	t.Run("multiple ops applied in order", func(t *testing.T) {
+		out, err := decode(t, `[
+			{"op": "replace", "path": "/spec/display/name", "value": "Multi-step"},
+			{"op": "remove",  "path": "/spec/panels/p2"},
+			{"op": "add",     "path": "/tags/-", "value": {"key": "env", "value": "staging"}}
+		]`).Apply(base)
+		require.NoError(t, err)
+		assert.Equal(t, "Multi-step", out.Spec.Display.Name)
+		assert.Len(t, out.Spec.Panels, 1)
+		assert.Len(t, out.Tags, 3)
+	})
+
+	// `test` is an RFC 6902 precondition op: aborts the patch if the value
+	// at the path doesn't equal the supplied value. Used for optimistic
+	// concurrency. Here it matches, so the subsequent ops apply.
+	t.Run("test op passes", func(t *testing.T) {
+		out, err := decode(t, `[
+			{"op": "test",    "path": "/spec/display/name", "value": "Service overview"},
+			{"op": "replace", "path": "/spec/display/name", "value": "Confirmed"}
+		]`).Apply(base)
+		require.NoError(t, err)
+		assert.Equal(t, "Confirmed", out.Spec.Display.Name)
+	})
+
+	// ─────────────────────────────────────────────────────────────────
+	// Failure cases
+	// ─────────────────────────────────────────────────────────────────
+
+	t.Run("decode rejects non-array body", func(t *testing.T) {
+		var patch PatchableDashboardV2
+		err := json.Unmarshal([]byte(`{"op": "replace"}`), &patch)
+		require.Error(t, err)
+	})
+
+	t.Run("decode rejects malformed JSON", func(t *testing.T) {
+		var patch PatchableDashboardV2
+		// Outer json.Unmarshal rejects non-JSON before PatchableDashboardV2's
+		// UnmarshalJSON runs, so the error is a stdlib SyntaxError rather
+		// than the InvalidInput-classified wrap.
+		err := json.Unmarshal([]byte(`not json`), &patch)
+		require.Error(t, err)
+	})
+
+	// `test` precondition fails — the whole patch is rejected, including
+	// the subsequent replace.
+	t.Run("test op failure rejected", func(t *testing.T) {
+		_, err := decode(t, `[
+			{"op": "test", "path": "/spec/display/name", "value": "Wrong"},
+			{"op": "replace", "path": "/spec/display/name", "value": "Should not apply"}
+		]`).Apply(base)
+		require.Error(t, err)
+	})
+
+	// Lenient apply (AllowMissingPathOnRemove): removing a path that doesn't
+	// exist is a no-op rather than an error, so removes are idempotent.
+	t.Run("remove at missing path is a no-op", func(t *testing.T) {
+		out, err := decode(t, `[{"op": "remove", "path": "/spec/panels/does-not-exist"}]`).Apply(base)
+		require.NoError(t, err)
+		assert.Equal(t, len(base.Spec.Panels), len(out.Spec.Panels), "existing panels untouched")
+	})
+
+	t.Run("remove schemaVersion rejected", func(t *testing.T) {
+		_, err := decode(t, `[{"op": "remove", "path": "/schemaVersion"}]`).Apply(base)
+		require.Error(t, err)
+	})
+
+	t.Run("wrong schemaVersion rejected", func(t *testing.T) {
+		_, err := decode(t, `[{"op": "replace", "path": "/schemaVersion", "value": "v5"}]`).Apply(base)
+		require.Error(t, err)
+		require.Contains(t, err.Error(), SchemaVersion)
+	})
+
+	t.Run("empty display name defaults to dashboard name", func(t *testing.T) {
+		out, err := decode(t, `[{"op": "replace", "path": "/spec/display/name", "value": ""}]`).Apply(base)
+		require.NoError(t, err)
+		assert.Equal(t, base.Name, out.Spec.Display.Name, "empty display.name should default from name")
+	})
+
+	t.Run("unknown top-level field rejected", func(t *testing.T) {
+		_, err := decode(t, `[{"op": "add", "path": "/bogus", "value": 42}]`).Apply(base)
+		require.Error(t, err)
+		require.Contains(t, err.Error(), "bogus")
+	})
+
+	t.Run("invalid panel kind rejected", func(t *testing.T) {
+		_, err := decode(t, `[{
+			"op": "replace",
+			"path": "/spec/panels/p1",
+			"value": {
+				"kind": "Panel",
+				"spec": {"plugin": {"kind": "signoz/NotAPanel", "spec": {}}}
+			}
+		}]`).Apply(base)
+		require.Error(t, err)
+		require.Contains(t, err.Error(), "NotAPanel")
+	})
+
+	t.Run("query kind incompatible with panel rejected", func(t *testing.T) {
+		// PromQLQuery is not allowed on ListPanel — verify the cross-check
+		// in Validate still runs after a patch.
+		_, err := decode(t, `[{
+			"op": "replace",
+			"path": "/spec/panels/p2",
+			"value": {
+				"kind": "Panel",
+				"spec": {
+					"plugin": {"kind": "signoz/ListPanel", "spec": {}},
+					"queries": [{"kind": "TimeSeriesQuery", "spec": {"plugin": {"kind": "signoz/PromQLQuery", "spec": {"name": "A", "query": "up"}}}}]
+				}
+			}
+		}]`).Apply(base)
+		require.Error(t, err)
+	})
+
+	t.Run("removing the only query rejected", func(t *testing.T) {
+		// Validate requires exactly one query per panel — leaving zero is rejected.
+		_, err := decode(t, `[{"op": "remove", "path": "/spec/panels/p2/spec/queries/0"}]`).Apply(base)
+		require.Error(t, err)
+		require.Contains(t, err.Error(), "panel must have one query")
+	})
+
+	t.Run("two direct queries rejected", func(t *testing.T) {
+		// Validate requires exactly one query per panel. To display multiple
+		// data sources in one panel, wrap them in a CompositeQuery (see the
+		// "replace query with composite" subtest below).
+		_, err := decode(t, `[{
+			"op": "replace",
+			"path": "/spec/panels/p1",
+			"value": {
+				"kind": "Panel",
+				"spec": {
+					"plugin": {"kind": "signoz/TimeSeriesPanel", "spec": {}},
+					"queries": [
+						{"kind": "TimeSeriesQuery", "spec": {"plugin": {"kind": "signoz/BuilderQuery", "spec": {
+							"name": "A", "signal": "metrics",
+							"aggregations": [{"metricName": "signoz_calls_total", "temporality": "cumulative", "timeAggregation": "rate", "spaceAggregation": "sum"}]
+						}}}},
+						{"kind": "TimeSeriesQuery", "spec": {"plugin": {"kind": "signoz/BuilderQuery", "spec": {
+							"name": "B", "signal": "metrics",
+							"aggregations": [{"metricName": "signoz_db_calls_total", "temporality": "cumulative", "timeAggregation": "rate", "spaceAggregation": "sum"}]
+						}}}}
+					]
+				}
+			}
+		}]`).Apply(base)
+		require.Error(t, err)
+		require.Contains(t, err.Error(), "panel must have one query")
+	})
+
+	t.Run("too many tags rejected", func(t *testing.T) {
+		// Base already has 2 tags; add 9 more to exceed MaxTagsPerDashboard (10).
+		_, err := decode(t, `[
+			{"op": "add", "path": "/tags/-", "value": {"key": "t", "value": "1"}},
+			{"op": "add", "path": "/tags/-", "value": {"key": "t", "value": "2"}},
+			{"op": "add", "path": "/tags/-", "value": {"key": "t", "value": "3"}},
+			{"op": "add", "path": "/tags/-", "value": {"key": "t", "value": "4"}},
+			{"op": "add", "path": "/tags/-", "value": {"key": "t", "value": "5"}},
+			{"op": "add", "path": "/tags/-", "value": {"key": "t", "value": "6"}},
+			{"op": "add", "path": "/tags/-", "value": {"key": "t", "value": "7"}},
+			{"op": "add", "path": "/tags/-", "value": {"key": "t", "value": "8"}},
+			{"op": "add", "path": "/tags/-", "value": {"key": "t", "value": "9"}}
+		]`).Apply(base)
+		require.Error(t, err)
+		require.Contains(t, err.Error(), "at most")
+	})
+}

pkg/types/dashboardtypes/pinned_dashboard.go

@@ -0,0 +1,22 @@
+package dashboardtypes
+
+import (
+	"time"
+
+	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/valuer"
+	"github.com/uptrace/bun"
+)
+
+const MaxPinnedDashboardsPerUser = 10
+
+var ErrCodePinnedDashboardLimitHit = errors.MustNewCode("pinned_dashboard_limit_hit")
+
+type PinnedDashboard struct {
+	bun.BaseModel `bun:"table:pinned_dashboard,alias:pinned_dashboard"`
+
+	UserID      valuer.UUID `bun:"user_id,pk,type:text"`
+	DashboardID valuer.UUID `bun:"dashboard_id,pk,type:text"`
+	OrgID       valuer.UUID `bun:"org_id,type:text,notnull"`
+	PinnedAt    time.Time   `bun:"pinned_at,notnull,default:current_timestamp"`
+}

pkg/types/dashboardtypes/store.go

@@ -32,4 +32,29 @@ type Store interface {
 	DeletePublic(context.Context, string) error
 
 	RunInTx(context.Context, func(context.Context) error) error
+
+	// ════════════════════════════════════════════════════════════════════════
+	// v2 dashboard methods
+	// ════════════════════════════════════════════════════════════════════════
+
+	// int64 return is the total row count for the filter (pre-limit/offset),
+	ListV2(ctx context.Context, orgID valuer.UUID, userID valuer.UUID, params *ListDashboardsV2Params) ([]*DashboardListRow, int64, error)
+
+	// Returns ErrCodePinnedDashboardLimitHit when the user is at MaxPinnedDashboardsPerUser.
+	PinForUser(ctx context.Context, pd *PinnedDashboard) error
+
+	UnpinForUser(ctx context.Context, userID valuer.UUID, dashboardID valuer.UUID) error
+
+	// ════════════════════════════════════════════════════════════════════════
+	// Dashboard saved view methods
+	// ════════════════════════════════════════════════════════════════════════
+	CreateDashboardView(ctx context.Context, view *DashboardView) error
+
+	GetDashboardView(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*DashboardView, error)
+
+	ListDashboardViews(ctx context.Context, orgID valuer.UUID) ([]*DashboardView, error)
+
+	UpdateDashboardView(ctx context.Context, view *DashboardView) error
+
+	DeleteDashboardView(ctx context.Context, orgID valuer.UUID, id valuer.UUID) error
 }

tests/integration/tests/cloudintegrations/05_services.py

@@ -86,6 +86,49 @@ def test_list_services_with_account(
         assert svc["enabled"] is False, f"Service {svc['id']} should be disabled before any config is set"
 
 
+EC2_SERVICE_ID = "ec2"
+
+
+def test_list_account_services(
+    signoz: types.SigNoz,
+    create_user_admin: types.Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+    create_cloud_integration_account: Callable,
+) -> None:
+    """ListAccountServicesMetadata reflects enabled state after enabling a service."""
+    admin_token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    account = create_cloud_integration_account(admin_token, CLOUD_PROVIDER)
+    account_id = account["id"]
+
+    checkin = simulate_agent_checkin(signoz, admin_token, CLOUD_PROVIDER, account_id, str(uuid.uuid4()))
+    assert checkin.status_code == HTTPStatus.OK, f"Check-in failed: {checkin.text}"
+
+    put_response = requests.put(
+        signoz.self.host_configs["8080"].get(f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts/{account_id}/services/{EC2_SERVICE_ID}"),
+        headers={"Authorization": f"Bearer {admin_token}"},
+        json={"config": {"aws": {"metrics": {"enabled": True}, "logs": {"enabled": True}}}},
+        timeout=10,
+    )
+    assert put_response.status_code == HTTPStatus.NO_CONTENT, f"Enable ec2 failed: {put_response.status_code}: {put_response.text}"
+
+    list_response = requests.get(
+        signoz.self.host_configs["8080"].get(f"/api/v1/cloud_integrations/{CLOUD_PROVIDER}/accounts/{account_id}/services"),
+        headers={"Authorization": f"Bearer {admin_token}"},
+        timeout=10,
+    )
+    assert list_response.status_code == HTTPStatus.OK, f"Expected 200, got {list_response.status_code}"
+
+    data = list_response.json()["data"]
+    assert "services" in data, "Response should contain 'services' field"
+    assert isinstance(data["services"], list), "services should be a list"
+    assert len(data["services"]) > 0, "services list should be non-empty"
+
+    ec2_service = next((s for s in data["services"] if s["id"] == EC2_SERVICE_ID), None)
+    assert ec2_service is not None, f"EC2 service '{EC2_SERVICE_ID}' not found in services list"
+    assert ec2_service["enabled"] is True, f"EC2 service should be enabled, got: {ec2_service['enabled']}"
+
+
 def test_get_service_details_without_account(
     signoz: types.SigNoz,
     create_user_admin: types.Operation,  # pylint: disable=unused-argument

tests/integration/tests/dashboard/03_v2_dashboard.py

@@ -0,0 +1,445 @@
+import uuid
+from collections.abc import Callable
+from http import HTTPStatus
+
+import pytest
+import requests
+
+from fixtures.auth import USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD
+from fixtures.types import Operation, SigNoz
+
+# The v2 dashboard API. Request shape (current):
+#   {"schemaVersion": "v6", "name": "<dns-1123-label>",
+#    "spec": {"display": {"name": "<human name>"}},
+#    "tags": [{"key": "...", "value": "..."}]}
+# `name` is a DNS-1123 label identifier and is immutable after create;
+# `spec.display.name` is the human-facing title used for name-sort/name-filter.
+
+_BASE = "/api/v2/dashboards"
+_TIMEOUT = 5
+
+
+def _headers(token: str) -> dict:
+    return {"Authorization": f"Bearer {token}"}
+
+
+def _url(signoz: SigNoz, path: str = "") -> str:
+    return signoz.self.host_configs["8080"].get(f"{_BASE}{path}")
+
+
+def _create(signoz: SigNoz, token: str, body: dict) -> requests.Response:
+    return requests.post(
+        _url(signoz), json=body, headers=_headers(token), timeout=_TIMEOUT
+    )
+
+
+def _get(signoz: SigNoz, token: str, dashboard_id: str) -> requests.Response:
+    return requests.get(
+        _url(signoz, f"/{dashboard_id}"), headers=_headers(token), timeout=_TIMEOUT
+    )
+
+
+def _list(signoz: SigNoz, token: str, **params: object) -> requests.Response:
+    return requests.get(
+        _url(signoz),
+        params={k: v for k, v in params.items() if v is not None},
+        headers=_headers(token),
+        timeout=_TIMEOUT,
+    )
+
+
+def _update(
+    signoz: SigNoz, token: str, dashboard_id: str, body: dict
+) -> requests.Response:
+    return requests.put(
+        _url(signoz, f"/{dashboard_id}"),
+        json=body,
+        headers=_headers(token),
+        timeout=_TIMEOUT,
+    )
+
+
+def _delete(signoz: SigNoz, token: str, dashboard_id: str) -> requests.Response:
+    return requests.delete(
+        _url(signoz, f"/{dashboard_id}"), headers=_headers(token), timeout=_TIMEOUT
+    )
+
+
+def _lock(
+    signoz: SigNoz, token: str, dashboard_id: str, lock: bool
+) -> requests.Response:
+    method = requests.put if lock else requests.delete
+    return method(
+        _url(signoz, f"/{dashboard_id}/lock"),
+        headers=_headers(token),
+        timeout=_TIMEOUT,
+    )
+
+
+def _pin(signoz: SigNoz, token: str, dashboard_id: str, pin: bool) -> requests.Response:
+    method = requests.put if pin else requests.delete
+    return method(
+        _url(signoz, f"/{dashboard_id}/pins/me"),
+        headers=_headers(token),
+        timeout=_TIMEOUT,
+    )
+
+
+def _minimal_body(name: str, display: str, tags: list[dict] | None = None) -> dict:
+    return {
+        "schemaVersion": "v6",
+        "name": name,
+        "spec": {"display": {"name": display}},
+        "tags": tags or [],
+    }
+
+
+# ─── failure cases (create no dashboards) ────────────────────────────────────
+
+
+def test_create_rejects_wrong_schema_version(
+    signoz: SigNoz,
+    create_user_admin: Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+):
+    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    response = _create(signoz, token, {})
+
+    assert response.status_code == HTTPStatus.BAD_REQUEST
+    body = response.json()
+    assert body["status"] == "error"
+    assert body["error"]["code"] == "dashboard_invalid_input"
+    assert body["error"]["message"] == 'schemaVersion must be "v6", got ""'
+
+
+def test_create_rejects_missing_name(
+    signoz: SigNoz,
+    create_user_admin: Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+):
+    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    response = _create(signoz, token, {"schemaVersion": "v6"})
+
+    assert response.status_code == HTTPStatus.BAD_REQUEST
+    body = response.json()
+    assert body["error"]["code"] == "dashboard_invalid_input"
+    assert body["error"]["message"] == "name is required"
+
+
+def test_create_rejects_non_dns_name(
+    signoz: SigNoz,
+    create_user_admin: Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+):
+    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    response = _create(
+        signoz, token, _minimal_body(name="Not A Label", display="Not A Label")
+    )
+
+    assert response.status_code == HTTPStatus.BAD_REQUEST
+    assert response.json()["error"]["code"] == "dashboard_invalid_input"
+
+
+def test_create_rejects_unknown_field(
+    signoz: SigNoz,
+    create_user_admin: Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+):
+    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    body = _minimal_body("rejects-unknown", "Rejects Unknown")
+    body["unknownfield"] = "boom"
+    response = _create(signoz, token, body)
+
+    assert response.status_code == HTTPStatus.BAD_REQUEST
+    assert response.json()["error"]["code"] == "dashboard_invalid_input"
+    assert "unknown field" in response.json()["error"]["message"]
+
+
+def test_create_rejects_reserved_tag_key(
+    signoz: SigNoz,
+    create_user_admin: Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+):
+    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    body = _minimal_body(
+        "rejects-reserved", "Rejects Reserved", [{"key": "source", "value": "x"}]
+    )
+    response = _create(signoz, token, body)
+
+    assert response.status_code == HTTPStatus.BAD_REQUEST
+    assert response.json()["error"]["code"] == "dashboard_invalid_input"
+
+
+def test_create_rejects_too_many_tags(
+    signoz: SigNoz,
+    create_user_admin: Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+):
+    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    tags = [{"key": f"k{i}", "value": "v"} for i in range(11)]
+    response = _create(signoz, token, _minimal_body("too-many-tags", "Too Many", tags))
+
+    assert response.status_code == HTTPStatus.BAD_REQUEST
+    assert response.json()["error"]["code"] == "dashboard_invalid_input"
+
+
+@pytest.mark.parametrize(
+    "params",
+    [
+        {"sort": "bogus"},
+        {"order": "bogus"},
+        {"limit": -1},
+        {"offset": -1},
+    ],
+)
+def test_list_rejects_invalid_params(
+    signoz: SigNoz,
+    create_user_admin: Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+    params: dict,
+):
+    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    response = _list(signoz, token, **params)
+
+    assert response.status_code == HTTPStatus.BAD_REQUEST
+    assert response.json()["error"]["code"] == "dashboard_list_invalid"
+
+
+def test_get_rejects_malformed_id(
+    signoz: SigNoz,
+    create_user_admin: Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+):
+    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    response = _get(signoz, token, "not-a-uuid")
+
+    assert response.status_code == HTTPStatus.BAD_REQUEST
+
+
+def test_get_missing_dashboard_returns_not_found(
+    signoz: SigNoz,
+    create_user_admin: Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+):
+    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    response = _get(signoz, token, str(uuid.uuid4()))
+
+    assert response.status_code == HTTPStatus.NOT_FOUND
+
+
+def test_delete_missing_dashboard_returns_not_found(
+    signoz: SigNoz,
+    create_user_admin: Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+):
+    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    response = _delete(signoz, token, str(uuid.uuid4()))
+
+    assert response.status_code == HTTPStatus.NOT_FOUND
+
+
+def test_pin_missing_dashboard_returns_not_found(
+    signoz: SigNoz,
+    create_user_admin: Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+):
+    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    response = _pin(signoz, token, str(uuid.uuid4()), pin=True)
+
+    assert response.status_code == HTTPStatus.NOT_FOUND
+
+
+# ─── lifecycle ───────────────────────────────────────────────────────────────
+# A single end-to-end flow through create → get → list/filter/sort → pin →
+# update → lock → delete. Every fixture dashboard carries a unique suite marker
+# tag so list queries can be scoped server-side, isolating this test from any
+# other dashboards sharing the session DB.
+
+_SUITE_TAG = {"key": "suite", "value": "lifecyclev2"}
+_SUITE_FILTER = "suite = 'lifecyclev2'"
+
+
+def _scoped(query: str) -> str:
+    return f"({query}) AND {_SUITE_FILTER}"
+
+
+def _display_names(body: dict) -> list[str]:
+    return [d["spec"]["display"]["name"] for d in body["data"]["dashboards"]]
+
+
+def test_dashboard_v2_lifecycle(  # pylint: disable=too-many-locals,too-many-statements
+    signoz: SigNoz,
+    create_user_admin: Operation,  # pylint: disable=unused-argument
+    get_token: Callable[[str, str], str],
+):
+    token = get_token(USER_ADMIN_EMAIL, USER_ADMIN_PASSWORD)
+
+    fixtures = [
+        (
+            "lc-alpha",
+            "Alpha Overview",
+            [{"key": "team", "value": "pulse"}, {"key": "env", "value": "prod"}],
+        ),
+        (
+            "lc-beta",
+            "Beta Overview",
+            [{"key": "team", "value": "pulse"}, {"key": "env", "value": "dev"}],
+        ),
+        (
+            "lc-gamma",
+            "Gamma Storage",
+            [{"key": "team", "value": "storage"}, {"key": "env", "value": "prod"}],
+        ),
+    ]
+
+    # ── stage 1: create ──────────────────────────────────────────────────────
+    ids: dict[str, str] = {}
+    for name, display, tags in fixtures:
+        response = _create(
+            signoz, token, _minimal_body(name, display, [_SUITE_TAG, *tags])
+        )
+        assert response.status_code == HTTPStatus.CREATED, response.text
+        ids[name] = response.json()["data"]["id"]
+
+    # TODO: re-enable once the dashboard name unique index lands — creating a
+    # second dashboard with an existing name should conflict (409). Until the
+    # index exists, duplicate names are silently allowed.
+    # response = _create(signoz, token, _minimal_body("lc-alpha", "Alpha Dupe"))
+    # assert response.status_code == HTTPStatus.CONFLICT, response.text
+
+    # ── stage 2: get one and verify the round-tripped shape ──────────────────
+    response = _get(signoz, token, ids["lc-alpha"])
+    assert response.status_code == HTTPStatus.OK, response.text
+    alpha = response.json()["data"]
+    assert alpha["id"] == ids["lc-alpha"]
+    assert alpha["name"] == "lc-alpha"
+    assert alpha["spec"]["display"]["name"] == "Alpha Overview"
+    assert alpha["schemaVersion"] == "v6"
+    assert alpha["source"] == "user"
+    assert alpha["locked"] is False
+    assert {"key": "team", "value": "pulse"} in alpha["tags"]
+
+    # ── stage 3: list everything in the suite ────────────────────────────────
+    response = _list(signoz, token, query=_SUITE_FILTER, limit=200)
+    assert response.status_code == HTTPStatus.OK, response.text
+    body = response.json()
+    assert body["data"]["total"] == 3
+    assert set(_display_names(body)) == {
+        "Alpha Overview",
+        "Beta Overview",
+        "Gamma Storage",
+    }
+
+    # ── stage 4: filter DSL (tag-key filters + display-name contains) ────────
+    cases = [
+        ("team = 'pulse'", {"Alpha Overview", "Beta Overview"}),
+        ("env = 'prod'", {"Alpha Overview", "Gamma Storage"}),
+        ("name CONTAINS 'Overview'", {"Alpha Overview", "Beta Overview"}),
+        ("env IN ['dev', 'test']", {"Beta Overview"}),
+    ]
+    for query, expected in cases:
+        response = _list(signoz, token, query=_scoped(query), limit=200)
+        assert response.status_code == HTTPStatus.OK, response.text
+        assert set(_display_names(response.json())) == expected, query
+
+    # ── stage 5: name sort honours order ─────────────────────────────────────
+    response = _list(
+        signoz, token, query=_SUITE_FILTER, sort="name", order="asc", limit=200
+    )
+    assert _display_names(response.json()) == [
+        "Alpha Overview",
+        "Beta Overview",
+        "Gamma Storage",
+    ]
+    response = _list(
+        signoz, token, query=_SUITE_FILTER, sort="name", order="desc", limit=200
+    )
+    assert _display_names(response.json()) == [
+        "Gamma Storage",
+        "Beta Overview",
+        "Alpha Overview",
+    ]
+
+    # ── stage 6: pinning floats a dashboard to the top of any ordering ───────
+    assert (
+        _pin(signoz, token, ids["lc-gamma"], pin=True).status_code
+        == HTTPStatus.NO_CONTENT
+    )
+    response = _list(
+        signoz, token, query=_SUITE_FILTER, sort="name", order="asc", limit=200
+    )
+    dashboards = response.json()["data"]["dashboards"]
+    assert dashboards[0]["name"] == "lc-gamma"
+    assert dashboards[0]["pinned"] is True
+    assert all(d["pinned"] is False for d in dashboards[1:])
+
+    # ── stage 7: unpinning restores the natural ordering ─────────────────────
+    assert (
+        _pin(signoz, token, ids["lc-gamma"], pin=False).status_code
+        == HTTPStatus.NO_CONTENT
+    )
+    response = _list(
+        signoz, token, query=_SUITE_FILTER, sort="name", order="asc", limit=200
+    )
+    assert _display_names(response.json()) == [
+        "Alpha Overview",
+        "Beta Overview",
+        "Gamma Storage",
+    ]
+
+    # ── stage 8: update mutates the spec but keeps the immutable name ────────
+    update_body = _minimal_body(
+        "lc-alpha",
+        "Alpha Overview",
+        [
+            _SUITE_TAG,
+            {"key": "team", "value": "pulse"},
+            {"key": "env", "value": "prod"},
+        ],
+    )
+    update_body["spec"]["display"]["description"] = "now with a description"
+    response = _update(signoz, token, ids["lc-alpha"], update_body)
+    assert response.status_code == HTTPStatus.OK, response.text
+    response = _get(signoz, token, ids["lc-alpha"])
+    assert (
+        response.json()["data"]["spec"]["display"]["description"]
+        == "now with a description"
+    )
+
+    # ── stage 9: a locked dashboard rejects updates until unlocked ───────────
+    assert (
+        _lock(signoz, token, ids["lc-beta"], lock=True).status_code
+        == HTTPStatus.NO_CONTENT
+    )
+    beta_body = _minimal_body(
+        "lc-beta",
+        "Beta Overview",
+        [_SUITE_TAG, {"key": "team", "value": "pulse"}, {"key": "env", "value": "dev"}],
+    )
+    response = _update(signoz, token, ids["lc-beta"], beta_body)
+    assert response.status_code == HTTPStatus.BAD_REQUEST
+    assert (
+        _lock(signoz, token, ids["lc-beta"], lock=False).status_code
+        == HTTPStatus.NO_CONTENT
+    )
+    assert (
+        _update(signoz, token, ids["lc-beta"], beta_body).status_code == HTTPStatus.OK
+    )
+
+    # ── stage 10: delete removes the dashboard from get and list ─────────────
+    assert _delete(signoz, token, ids["lc-gamma"]).status_code == HTTPStatus.NO_CONTENT
+    assert _get(signoz, token, ids["lc-gamma"]).status_code == HTTPStatus.NOT_FOUND
+    response = _list(signoz, token, query=_SUITE_FILTER, limit=200)
+    assert response.json()["data"]["total"] == 2
+    assert set(_display_names(response.json())) == {"Alpha Overview", "Beta Overview"}