Secure Access to Objects in the Model
It’s important to keep sensitive information secure. Everyone has access to the data in your model by default. To avoid exposing sensitive data, set show and hide permissions for your entire model or for individual fact tables, dimension tables, and columns.
For example, you can restrict access to certain Revenue columns to ensure only authorized users can view them. Or you can restrict access to an entire model to stop people opening the model or accesses its subject area.
About Permission Inheritance
When multiple application roles act on a user or role with conflicting security attributes, the user or role is granted the least restrictive security attribute. Also, any explicit permissions acting on a user take precedence over any permissions on the same objects granted to that user through application roles.
Tip:
If you deny access to a table, access to all columns in that table is implicitly denied as well.