When an item is submitted with bitstream READ access granted only to administrator (or any non-anonymous credentials), partial contents of the bitstream should not be appearing in the search results to users of the system that have not logged in with the necessary privileges.
I'm not sure of the best way to tackle this but my order of preference would be to:
- Replace the KWIC with a statement explaining the access level required to view the matching bitstream
- Replace the KWIC with a blank string and let the searcher realize after clicking on the item that they lack the credentials to view the item that matched the search terms
(or, least desirably)
- Removing the full text of items with higher READ privileges out of the index
One hurdle to fixing this might be figuring out which bitstream the matching contents came from for handles with multiple bitstreams (which could each have varying levels of permissions). This could be an argument for presenting blank values if even one restricted bitstream exists on the handle at search time.
Inspired from the discussion thread located here.
I have only seen this behavior in our 5.5 installation was unable to confirm in other systems.
The severity of the issue is directly correlated to how sensitive the contents of the higher privileged documents are.