
Auditor user triggers redaction logic when searching restricted public projects

Auditors are, in effect, administrators with read-only access, according to https://docs.gitlab.com/ee/administration/auditor_users.html#overview. A regular user can be configured via the admin interface to become an auditor.

For any public project that has an "Only Project Members" restriction on any feature (Issues, Repository, Merge requests, Wiki or Snippets), the search feature does not return results for that feature to the auditor, but the counter/badge still takes them into account, i.e. the redaction logic is triggered.

The root cause may be that, for public projects configured this way, the auditor gets a 404 when accessing those features. This contradicts the documentation linked above, which promises read-only access to all other resources except the Admin area.

There is no security impact, as there is no data leak, but the redaction logic will trigger an alert, bringing noise to security monitoring.

Edited Nov 22, 2019 by Jeremy Matos