The goal of this issue is to investigate the use of
Notes from @tsteur
- when posting events it does not even describe that the code will be run as superuser. Who knows what plugin developers do there, they can't expect something like this...
- in general we should not have to use this at all, only under very rare circumstances. It usually just that there is a problem somewhere else. In this case one could simply call the Model to get the data instead of the API and the doAsSuperUser is no longer required.
- there is also still the command thing that runs all the commands as super user
- check super user access is resetted when a wrong token auth is given