When a corp member has access to USE any corp blueprints in a facility, they have the ability also to USE blueprints in any (un-passworded) container, regardless of what corp hangar access has been granted to them.
Specifically, if a corp member has the role Rent Factory Facility and/or Rent Research Facility then they now have the ability to use any blueprint in corp hangars, as long as the blueprint is not in a password-secured container. They don’t need any hangar access or viewing permissions to use those blueprints, and this seems wrong to me.
I’m pretty sure they shouldn’t be able to use blueprints from hangars that they don’t have role to at least Query. Additionally, this [flaw] in permissions control might allow people to steal corp blueprints by installing a blueprint research (ME/TE) job and having it deliver to a hangar that they have access to, and it might be easily missed because Jobs list doesn’t tell the delivery location of the installed job. It is similarly a bother for more valuable BPCs such as T2, T3, or capital/structure blueprints, which are not nearly free to acquire or produce, and then any manufactuing corp member could effectively steal them by simply using the blueprints… using blueprints that maybe they shouldn’t even be able to see.