rbac for deep search

stefanhengl · stefanhengl · commit 6685147eccbd · 2025-09-30T10:11:23.000+02:00
diff --git a/docs/admin/access_control/deep_search.mdx b/docs/admin/access_control/deep_search.mdx
@@ -0,0 +1,8 @@
+# Access control for Deep Search
+
+Granular controls for who can access [Deep Search](/deepsearch/) can be configured by site admins by tuning the roles assigned to users and the permissions granted to those roles. This page describes the permission types available for Deep Search, and whether they are granted by default to the **User** [system role](/admin/access_control#system-roles). All permissions are granted to the **Site Administrator** system role by default.
+
+        Name          |                                                                                                                    Description                                                                                                                     | Granted to **User** by default?
+--------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :-----------------------------:
+`deep_search:read`  | <ul><li>User can see the Deep Search menu item in the top-level menu bar.</li><li>User can read their own threads and threads that are shared with them.</li></ul>                                                                                                                                                                                                                                |                ✓
+`deep_search:write` | User can create or update a Deep Search. |                ✓
diff --git a/docs/admin/access_control/index.mdx b/docs/admin/access_control/index.mdx
@@ -39,6 +39,7 @@ To edit the permissions granted to a role, click the role to expand it, then sel
 You can read about the specific permission types available for each RBAC-enabled product area below:
 
 - [Batch Changes](/admin/access_control/batch_changes)
+- [Deep Search](/admin/access_control/deep_search)
 - [Ownership](/admin/access_control/ownership)
 - [Service accounts](/admin/service_accounts)
 
