Knowledge v3 search results do not obey ACLs


Description

Because Knowledge v3 does not use ACLs to restrict access, knowledge search includes results that are restricted via ACLs for the current user.

Steps to Reproduce

  1. Create ACLs that prevent a certain user from accessing knowledge articles.
  2. Log in as the restricted user.
  3. Search for a restricted article.


The article appears in search results but you cannot view the full article.

Workaround

Do not use ACLs to restrict articles when using Knowledge v3. In v3, security is handled strictly by user criteria:

Knowledge Management V3 Migration

If you need to prevent certain users from seeing knowledge articles, move those articles to a separate knowledge base with more strict user criteria.

For more information, see: KB0550924: Understanding User Criteria and ACLs in Knowledge v3.


Related Problem: PRB632565