When clicking on the available actions for a project under admin/project_management, an API call is made to /api/components/show to check if the user has access to this particular project. If the API call fails, a "Restore access" option is shown.
However, because the call fails, it is also caught by the request handler, and an error message is shown. In this case, the WS failure is used as an indicator that the user has no access, but this is brittle: the call could fail for another reason (500), and showing a "Restore access" option wouldn't help.
We should handle this properly instead, by checking the correct permissions, cleanly.