I administer a portal for a large organization. It's important that users can't see all the content of the organization. Even if they are published externally.
Use case: A user should not be able to see which contents of certain users are public.
Is it possible to restrict the search within the organization for public items?
I wonder if a custom role would help:
You could try to share an item both publicly and with the organization, then see if a public items are visible by users who can't see public content. Perhaps the "can't view content shared with organization" custom role takes precedent over the fact it's a public item.