Hi,
In general, Denodo uses User and Role privileges to manage different types of access rights. Access rights can be defined on different granualarity, i. e. Database, View, Colum/Row level as well as different levels of operations. The user who is logged in to access the Denodo Server is the one who's authentication and privileges are checked against the elements in the Denodo Server. For instance, you have a user A who is existing in the Denodo Server and you use a JDBC-Application to access the Denodo Server using the credentials of user A. This means, the Denodo server will check user A's privileges and access rights against the server and acts accordingly upon it.
It is also possible to define roles with certaing privileges and access rights, such that privileges and rights can be managed for multiple users at once.
Please see [User and Access Right in Virtual DataPort](https://community.denodo.com/docs/html/browse/7.0/vdp/administration/databases_users_and_access_rights_in_virtual_dataport/user_and_access_right_in_virtual_dataport/user_and_access_right_in_virtual_dataport#row-restrictions) as well as [Denodo Security Overview](https://community.denodo.com/kb/view/document/Denodo%20Security%20Overview?category=Security) for a better understanding of this subject.
Hope this helps!