craftcms / cms

Build bespoke content experiences with Craft.
https://craftcms.com

[5.x]: Customize Source shows other users' entries #15939

Closed burningchair closed 2 hours ago

burningchair commented 3 hours ago

What happened?

Description

User with only "View entries" permission for one section is able to see other users' entries in a custom source.

Steps to reproduce

  1. Create "blog" section
  2. Create example entries in blog section
  3. Create user with "View entries" on blog section only
  4. Assign one entry to new user
  5. Create a custom source, e.g. "Blog abc", with section = 'blog' + title starts with "abc"
  6. Log in as new user
  7. New user can see others' entries in the "Blog abc" custom source

Expected behavior

User cannot see other entries in custom source if he has no "view other users' entries" permission

Actual behavior

User can see other entries

Craft CMS version

5.4.8

PHP version

8.2.24

Operating system and version

Linux 6.11.3-200.fc40.x86_64

Database type and version

PostgreSQL 14.12

Image driver and version

Imagick 3.7.0 (ImageMagick 6.9.11-60)

Installed plugins and versions

CKEditor 4.x-dev, Feed Me 6.5.0, Maps 5.0.3, Workflow 3.0.4

burningchair commented 2 hours ago

I did not see the "is viewable" filter option and it is also possible to restrict the access of custom sources to user groups.

IMHO, "is viewable" should be the default value.
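
A simplified model of the reproduction steps and the "is viewable" filter mentioned in the follow-up, added here as an example; it is not Craft's code and not part of the original thread. All class, function and permission names are assumptions, and the entries are constructed sample data. It evaluates the "Blog abc" source with and without a viewability rule and reports which titles the source exposes beyond what the user is authorized to view.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Entry:
    title: str
    section: str
    author: str

@dataclass
class User:
    name: str
    # (permission, section) pairs; names are hypothetical, not Craft's handles
    permissions: set = field(default_factory=set)

def is_viewable(user, entry):
    """Per-entry authorization: own entries need the section permission,
    other authors' entries additionally need the peer permission."""
    if ("view_entries", entry.section) not in user.permissions:
        return False
    if entry.author == user.name:
        return True
    return ("view_peer_entries", entry.section) in user.permissions

def custom_source(entries, user, section, title_prefix, require_viewable):
    """Evaluate a 'section = X + title starts with Y' source for a user.
    With require_viewable=False only the content rules are applied."""
    hits = [e for e in entries
            if e.section == section and e.title.startswith(title_prefix)]
    if require_viewable:
        hits = [e for e in hits if is_viewable(user, e)]
    return [e.title for e in hits]

def audit_source(entries, user, section, title_prefix):
    """Titles the source shows that the user is not authorized to view."""
    shown = custom_source(entries, user, section, title_prefix, False)
    allowed = custom_source(entries, user, section, title_prefix, True)
    return [t for t in shown if t not in allowed]

# Constructed sample data mirroring the reproduction steps.
ENTRIES = [
    Entry("abc launch notes", "blog", "admin"),
    Entry("abc my first post", "blog", "newuser"),
    Entry("xyz unrelated", "blog", "admin"),
]
NEW_USER = User("newuser", {("view_entries", "blog")})

if __name__ == "__main__":
    print("exposed:", audit_source(ENTRIES, NEW_USER, "blog", "abc"))
```
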