The following WS are all accessible anonymously where they should be partially or fully protected against anonymous access:
- Currently, "Administer System permission is required to show the 'groups' field."
- We should extend this filtering: when accessed anonymously, this WS should return only:
- Currently, it is accessible anonymously: there's no valid reason for this (this is used only for admin features)
- We should restrict access to logged in users