New WS have been created for settings but they cannot be used by scanner for two reasons :
- only System Admin or Project Admin users can use the api/settings/values WS
- parameter keys is mandatory
For permission :
- When user is not authenticated, he should not see secured settings.
- When user is authenticated but not (project or global) admin, he should not see secured settings except license ones.
- When user is not authenticated but has Execute Analysis permission, he should see secured settings
For keys parameter:
- It should not be mandatory
- When not provided, it should return every defined settings and some hardcoded none defined settings