How do snap applications, snappy security R/W restrictions, and user files work
Snap commands (the binaries that the snap makes available to the system) are each associated with a set of "plugs" and "slots" which represent the ways the snap can "connect to other things".
There is a plug called "home" and if you associate that with your snap command then it will have read access to ~/ but not to dotfiles or dot-subdirectories (to avoid leaking things like .ssh/ credentials).
We are working to add the ability for the plug to explicitly list some dotfiles that it wants to read, for special cases, but the average app just needs "the documents in ~/" and the 'home' plug does that nicely.
I'm surprised that the libreoffice snap is not doing this already, either its a bug or I have misunderstood things somewhat :)