On the Job DSL wiki (https://github.com/jenkinsci/job-dsl-plugin/wiki/Script-Security) it states undr Groovy Sandboxing:
"All Job DSL methods are whitelisted by default, but Jenkins access control checks are applied."
However, when creating a freestyle job with the example from (https://jenkinsci.github.io/job-dsl-plugin/#path/javaposse.jobdsl.dsl.DslFactory.pipelineJob-definition-cps) as the DSL script, and running as an appropriately authorised user with sandboxing enabled, the following error message is displayed:
ERROR: Scripts not permitted to use method groovy.lang.GroovyObject invokeMethod java.lang.String java.lang.Object (javaposse.jobdsl.dsl.helpers.workflow.CpsContext readFileFromWorkspace java.lang.String)
The DSL for those interested: