If I understand your question correctly, you can do what you're looking for.
My assumption is you want to disable searching of _internal on the search page by users of a specific role, but you have a dashboard crafted (that searches _internal ) that you would like the users in that same role to be able to view.
The solution to lies in the fact that you can configure a savedsearch to be run by the owner of the savedsearch, as opposed to the user running it. In savedsearches.conf:
dispatchAs = [user|owner]
* When the saved search is dispatched via the "saved/searches/{name}/dispatch"
endpoint, this setting controls, what user that search is dispatched as.
* This setting is only meaningful for shared saved searches.
* When dispatched as user it will be executed as if the requesting user owned
the search.
* When dispatched as owner it will be executed as if the owner of the search
dispatched it no matter what user requested it.
* If the 'force_saved_search_dispatch_as_user' attribute, in the limits.conf
file, is set to true then the dispatchAs attribute is reset to 'user' while
the saved search is dispatching.
* Defaults to owner.
Then in your dashboard, you view the results of that savedsearch in the SimpleXML thusly:
<search ref="<savedsearch name"></search>
For additional reference, consult this previous answers post that discusses the difference between running a savedsearch as a search and running it with the ref method shown above.
... View more
