Feature: separate required metric permissions to be per-method

When implementing a metric, the same permission requirements may not apply to all methods. 

Perhaps required permissions should be bound to the individual methods instead of the metric metadata.