Actually this is an easy response, to an easy issue. Create a set of Roles with the permissions you want them to have. Use those Roles instead of the standard Roles. I must admit it a real surprise it has taken this long to get a response.. Do not understand...
Security and privacy
Preventing certain roles from seeing resources
This discussion has been locked so you can no longer reply to it.