Having a combination of "create queries" and "can't create queries" on joined tables exposes field IDs instead of field names #37752

Open
@Tony-metabase

Description

edit: the original issue wasn't a bug, it was an unintuitive behavior of the previous "Data access" permission. After we split it into "View data" and "Create queries", this is clearer. But we keep the bug that we are showing field IDs instead of field names in the notebook editor.

Describe the bug

When you have a question consisting of 2 tables joined together, one having no self service and another unrestricted, it will cause the notebook editor to expose the no self service

To Reproduce

  1. Go to Admin -> People -> Add New Group -> Name it group_1
  2. Go to Admin -> People -> Invite Someone -> Assign it to group_1
  3. Go to Admin -> Permissions -> Sample Database -> Set the All-Users to no self service -> Then set the People table to no self service and Orders table to unrestricted
  4. Go to New -> Collection -> Test -> Give view permissions to group_1
  5. Go to New Question -> Sample Database -> Join Orders with Products -> Group by 2 columns from Orders and 2 columns from Products -> Save it in Test
  6. Now log in as the User you created which is assigned to group_1 -> Then open the above question and click on the Question Editor
  7. Notice that even though the GUI removes the table name from the join, you can still find it in the Group by

Expected behavior

Do not expose table names, I guess

Logs

None that are relevant

Information about your Metabase installation

1.48.3 and master

Severity

Depending on how people structure their table names, this can be problematic and leak information

Additional context

No response
