ES: Project members with guest role can't access confidential issues
What does this MR do?
Restrict access to confidential issues to team members with at least Reporter access when performing search using Elasticsearch.
Allow users to create confidential issues in private projects, and exclude access to them to project members with Guest
role.
Are there points in the code the reviewer needs to double check?
The query generated in the Elastic::NotesSearch.elastic_search
method.
Why was this MR needed?
Confidential issues should only be visible to team members with at least Reporter access.
What are the relevant issue numbers?
https://gitlab.com/gitlab-org/gitlab-ce/issues/14787
Screenshots (if relevant)
Not relevant.