Create a limited user role

[msm-code]

Feature Category

• Correctness
• User Interface / User Experience
• Performance
• Other (please explain)

Describe the problem

I think about setting up a publicly available instance. In the current implementation, even if current user is not an admin, they can cancel every query in the system.

Describe the solution you'd like

When anonymous users are enabled, we may not want them to be able to cancel each other queries. We just want them to see their queries (and possibly queries of other people).

Describe alternatives you've considered

This is a case of a more general problem: how do we handle user permissions and roles. Some open-ended questions:

• We support anonymous browsing (i.e. anonymous user may be given role of an user). Should anonymous users be able to cancel their own searches? If yes - how do we identify them?
• Should logged-in users be able to cancel their queries? What about queries of other users?
• Should users see each other queries? The same goes - if we want every user to see only their queries, how do we implement this for anonymous users?