------------------
- Created fine-grained permissions for delegating sharing page roles in
order to avoid people with a delegated permission escalating their own
privileges. This can now be controlled at a high level by the
"Sharing page: Delegate roles" permission, which controls access to the
Sharing page machinery, and at an individual roles basis, with
permissions like "Sharing page: Delegate Editor role".
http://dev.plone.org/plone/ticket/7652
- Stopped people from locking themselves out by disabling the ability
to edit their own roles.
- Added friendly "Changes saved" message.
http://dev.plone.org/plone/ticket/6966
- user_search_results() now searches in login name as well as fullname.
Fixes http://dev.plone.org/plone/ticket/6853
[erikrose]
- Factored up the duplicated logic from user_search_results() and
group_search_results() to form _principal_search_results().
[erikrose]