In Apache Incubator Superset before 0.32, a user can view database names that he has no access to on a dropdown list in SQLLab

Users can view database names in Apache Superset