In Chapter 3, Permissions and Security, we introduced a custom permission model that allowed us to whitelist users against certain knowledgebase categories.
As this is functionality that we added to the system, Redmine doesn't understand how this content needs to be filtered.
To illustrate the process, first we'll ensure that one of our categories has an explicit whitelist defined.
This category currently contains a number of articles that contain references to viruses, which is what we'll be using as a search term.
If we were to execute this search as the current user, the results would contain all articles that contain a reference to the word "virus" either in the title, or in the content of the article. This is shown in the following screenshot:
If the user wasn't on the whitelist, trying to select the article would result in an error, which is the desired behavior in this situation. This situation violates our security policy though, as it...