I did call to client.svc to get all sub sites for my current site:
var clientContext = new SP.ClientContext(), web = clientContext.get_web();
var subWebs = web.get_webs(); clientContext.load(subWebs);
clientContext.executeQueryAsync(function (sender, args) {
One of the web has permissions which pops up "Access denied" for the user which runs my app. And whole request gives me access denied error. But in reality there are few sub sites but only one have such forbidden permission for this user.
I thought that SharePoint does security trimming so it must just trim out the forbidden site and give me back collection of others. Why service doesn't do this?