The general authorization concept applies as described in the SAP HANA Security Guide on SAP Help Portal at.
In particular, for APF runtime and design time, analytic privileges are needed for the following calculation views:
You can define various analytic privileges based on the sap.hba.r.apf.core.v/AnalyticalConfigurationQuery calculation view and assign them to different users. This can be useful if you use the generic runtime application to run several configurations with various configuration IDs and you want to ensure that only authorized users can see the content of an app. You can specify whether you want to restrict the access to certain applications or even configurations.