cubicweb #2807753 don't raise Unauthorized in some situations [open]

e.g. self.execute('Any X WHERE X eid %(x)s', {'x': 666}) when the current user hasn't read permission on entity eid 666.

While it may be convenient in some test situations, it is:

* an information leak (the user learns that something exists there, the web request will be translated in http 403 rather than 404),

* incoherent with other behaviours where one db request ('Any X WHERE X satisfies Y') will just filter out the entities the current user is not allowed to see.

prioritynormal
typeenhancement
done in<not specified>
load1.000
load left1.000
closed by<not specified>