I use PowerQuery in Excel to provide an easy-to-refresh reporting experience for analysts and manager-level people.
Using M-Query, SQL, and a couple of simple VBA macros makes these reports awesome... except for all of the dialog boxes and warnings that freak them out the first time they use them or download a fresh copy of the document from SharePoint.
Someone mentioned in a related discussion that database permissions should ensure that the end-report user doesn't have power to make changes or violate their access privileges through the report. That would seem reasonable to me if some people running the reports didn't have dbo-type permissions. Conceivably, someone could make an erroneous SQL code fix in an Excel report, and then the next person who opened the Excel document and ran the report would potentially end up stuck with the consequences and maybe the blame for those changes.
My thinking is that if you could password protect worksheets from being edited, why not also allow VBA code and queries to be password protectable? Then you could ditch the unprofessional-looking warnings and dialogs that popup when someone tries to run an enhanced report.

