I'd like to expand on this a bit.
On the Barracuda Email Security Gateway (our device) the per user allow/white list will only over-ride Barracuda networks based filters. Any filters that the administrator makes at the global or per domain level will over-ride a users allow/white list.
On the Barracuda Email Security Service (our cloud filtering solution) things work a bit differently. The users sender policy settings will over-ride any settings made by the administrator. There are a few exceptions to that (SPF failures for example) but in most cases a users allow/white list setting will allow the mail through.