Three words: Segregation of Duties
Be sure that this is the criteria that you use to review the access levels.
I give users the least rights that they need to do their job. Unless their job includes updating the data in the data warehouse (which it probably doesn’t) they should have SELECT rights only at the most, assuming they have rights to the data warehouse at all. Typically what I see is a data warehouse which pretty much no one can access, that spits out tons of reports nightly which are all that people can see.