I applied field_security to exclude a field (e.g. plan_type) while defining the role (e.g. chennai_users). I have a visual created showing the excluded field (e.g. data table). When I login as a user owning the restricted role (e.g. chennaiuser), I was expecting that visual should not show this field data (e.g. plan_type), but it is showing the data as if user having access to all the fields.
In the same role, I applied document level security and it is working properly i.e. chennaiuser shows less total count than the superuser (elastic).
Could you please help to understand what is happening here? Is my expectation reasonable?
I found related question/answer in below link, but it is not clear to me. Please help.