We have a model-driven app where an access to a custom entity is configured. And an access only to one view of that entity is configured in a hub (model driven application). After login to this hub, a user can see only one configured view and everything is fine for now. But using new advanced filtering panel in a View the user can change view filter and see other data which should be hidden for this user. This is a huge security hole for us.

It would be better to add a way to control an access to new advanced filtering panel (introduced recently in unified interface) via security role or something like that.