I read your question a little differently than Grant and Jeff, so I just wanted to confirm what you were looking to do.
If I understand your question correctly, you want to allow someone access to Profiler and/or Extended Events, but you want to restrict it so they cannot see the TSQL that was executed.
If I understand your question correctly, there is no way (that I am aware of) to do this. This is by design as both Profiler and Extended Events are designed to help debug problems with the system. In order to do this, you would need to be able to see all sorts of metrics and data, including but not limited to the TSQL being executed.
I think the opposite question comes to mind - why does a user need to run Profiler or Extended Events if they are not troubleshooting or tuning (generally DBA related duties)?
Now, if I am misinterpreting the question, then both Jeff and Grant tackle this question well - system resource can result in data being missed and filters can result in data being missed.
The above is all just my opinion on what you should do.
As with all advice you find on a random internet forum - you shouldn't blindly follow it. Always test on a test server to see if there is negative side effects before making changes to live!