Is there a way to restrict pass through SQL or even the ability to add SQL/ MDX object in Reporting within Query explorer? This is to ensure that users do not bypass the framework model and in-built security.
Solution: Capabilities under Security Tab in Cognos Configuration
http://www.cognoise.com/index.php?topic=20681.0