Do not show unrelated users in search results #1804
Description
Feature Request
Is your feature request related to a problem or unsupported use case? Please describe.
As noted by @AntoLC, it is currently possible for a user to try and invite other users that they don't know or have a professional relationship with, which could pose privacy issues, especially as we currently display the associated email address (see #1613)
Describe the solution you'd like
Search should be restricted so that either only for people with already common documents appear.
Other people can still be invited using their full email address.
Describe alternatives you've considered
Maybe make this as an optional setting?
I considered allowing users sharing the same email domain as well, but that would be problematic for users with emails from public providers such as gmail.com or laposte.net.
Discovery, Documentation, Adoption, Migration Strategy
There should probably be a notice above the search results saying something like "for security reasons, only users you have interacted with appear here. If the user you are searching doesn't appear, you can enter their full email address"