Currently what they see is what they have access too.
In regular databases there are 3 layers to the structure database.schema.object. you can normally restrict ACLs by schema as a namespace. We currently don't have schema as an option, it's just database.object. well really it's catalog.database.object. happy to clarify if it doesn't make sense.