Use case is: an access role is created that prevents a user from doing anything in the database except opening up sets shared with their account. They can not search/browse the system.
Issue is: they can still search system contents via the "Add object" in Set items.
Can we add an action access role setting to remove this "Add object" segment of the Set items bundle?
I changed the lookup across the board to honor the "can search" action. This means that if you don't have privs to search objects then any type-ahead that searches objects will now refuse to search. This would be in the set editor as well as in the various record editors. This seems reasonable to me. What do you think?
I've made the change in dev/locMerge only for now.
This works well.
As a result of this work admin roles are now getting "You do have access to search list items" in the lookup drop-down for Manage > Lists and Vocabularies > Search.
On what system is this happening? I've tried a couple and they don't exhibit this behavior.
It just needed a pull to current code. It works now!