What minimal permissions should I set to user to make him able to query list via JS-REST requests?
The situation:
User is in a group that does not have access to entire subsite but have read right to a list (assets library)
When I check permissions of this group I see that it has Read level to list and restricted access to the site.
if user get item (photo image) via direct link to it (http://portal/media/gallery/photo/Ar.JPG) - it can see and download this image.
But if user make REST query to this library Chrome asks to enter credentials - and after several prompts - access denied response XML shows:
<m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata">
<m:code>-2147024891, System.UnauthorizedAccessException</m:code>