SearchService has searchOverrideSecurity:
https://docs.atlassian.com/jira/7.0.4/com/atlassian/jira/bc/issue/search/SearchService.html#searchOverrideSecurity-com.atlassian.jira.user.ApplicationUser-com.atlassian.query.Query-com.atlassian.jira.web.bean.PagerFilter-
The user it’s expecting isn’t really used for anything that I know of (I’m guessing future proofing or maybe Audit Trails?). Pass in the current user and you should be good.
That said - like @david.pinn said - you’re breaking out of JIRA’s permission model so make sure you’re doing it for the right reasons and don’t cause an Information Leak (which would be a bad thing ).