Database security is controlled using database roles. After an end user successfully connects to an Analysis server, database roles on that server are searched for the end user's user name.
If the user name is found in a database role, the end user can view that database's name and a list of cubes (including virtual and linked cubes) in that database. However, the end user can access only those cubes to which the database role has been assigned.
If the user name is not found in the database roles, the end user cannot view or access any objects on the server.
Before you grant end users access to cubes in a database, you must grant them database access by including them in a database role.