To do it via the web interface, navigate to Settings > Access controls (with your admin user of course) and select "Roles". Click the role "user" and remove said capability from his list.
Go ahead and try it! I wasn't able to delete (or modify) a saved search or field extraction without that role (of course you need to make sure that the knowledge object has only read permissions for "user" as well).
i accidentally removed the "search" on the user capabilities, i didnt saved it but what happens next is that i cannot open everything even if i am using the admin role.
hi @jeffland i already added the admin_all_objects in the capability of the user access. but it does'nt hide the delete command in different objects. I want to restrict the user access to delete objects such as searches, field extractions, etc.
Did you make sure that the knowledge objects in question have the right permissions? In particular, they must not be write-enabled for the "user" role.
Then a user with the role of user should not be able to edit them (unless of course he created them and they are his "privately shared" knowledge objects).
That looks allright.
Are you sure that your role "user" does not have the capability admin_all_objects? It should be disabled in the .conf file, and the user should also not inherit it from another role.
@jeffland yes the user role does not have the capability admin_all_objects. by the way im using the default user role "user" . i did not create a new user access.
And did you make sure that this user "user" is only assigned to this "user" role? If it is, then I can't think of another reason why your user is able to delete knowledge objects.
