This article explains the default system.view permission for the non-administrator users.

This is working as per design and cannot be modified.

When a user is assigned to a custom role at the cluster object level for svMotion and does not have the privilege to view all the datastores, the datastores get listed for storage migration includes all the datastores mapped to the host although the user does not have permission to see the datastores. This is due to the user receiving the System.View permission by default at the vCenter level in VMware vCenter Server 6.x.