I understand that the org chart is entirely client side. I was wondering if the access is determined by the logged in user. So if a user is not given permissions to view users, would they have no results in the org chart? I assume that this would be the case as everything else in SharePoint, but wanted to make sure it wasn't running under the credentials of the user who uploaded it to the App Catalog, for example.
As a developer, I understand that it wouldn't really make any sense to do this, I'm looking for a statement of this for our security team.