Description
Describe the bug
The following pages were discovered during testing, where a non-authenticated user accessed them by directly visiting the URL:
• /geonetwork/srv/api/i18n/packages/admin
• /geonetwork/srv/api/groups?withReservedGroup=true
• /geonetwork/srv/api/standards
• /geonetwork/srv/api/site/index/status
• /geonetwork/srv/api/i18n/packages/
As nothing clearly sensitive was observed, this issue has been raised for reference as part of the pen test report, with a recommendation to confirm that this is the case and, if not, to ensure that only an authenticated admin user can access these pages.
To Reproduce
Steps to reproduce the behavior:
Ensure you are logged off from GeoNetwork and access the URL endpoints directly.
Expected behavior
Only authorised users should be able to access these pages.
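A re-test helper for the fix, added here as an example and not part of the GeoNetwork project: it requests each endpoint listed above anonymously and reports any that still answer with a success status. It assumes a test instance at a placeholder `BASE_URL` and that a protected endpoint answers with 401, 403 or a redirect to the login page rather than 200.

```python
"""Anonymous re-test of the endpoints from the report (added example, not
GeoNetwork code). Assumes BASE_URL is a placeholder for the instance under
test and that login-protected endpoints answer 401/403 or redirect (3xx)."""
import urllib.request
import urllib.error

# Endpoints quoted in the report.
ENDPOINTS = [
    "/geonetwork/srv/api/i18n/packages/admin",
    "/geonetwork/srv/api/groups?withReservedGroup=true",
    "/geonetwork/srv/api/standards",
    "/geonetwork/srv/api/site/index/status",
    "/geonetwork/srv/api/i18n/packages/",
]


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    # Do not follow 3xx, so a redirect to the login form is reported as-is.
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def probe(base_url, endpoints=ENDPOINTS, timeout=10):
    """Return {endpoint: HTTP status} from anonymous GET requests
    (None when the server could not be reached)."""
    opener = urllib.request.build_opener(_NoRedirect)
    statuses = {}
    for path in endpoints:
        req = urllib.request.Request(base_url + path,
                                     headers={"Accept": "application/json"})
        try:
            with opener.open(req, timeout=timeout) as resp:
                statuses[path] = resp.status
        except urllib.error.HTTPError as err:   # 3xx/4xx/5xx land here
            statuses[path] = err.code
        except urllib.error.URLError:           # connection failure
            statuses[path] = None
    return statuses


def unauthenticated_exposures(statuses):
    """Endpoints an anonymous client could read: any 2xx answer.
    401/403 and 3xx (login redirect) count as protected."""
    return sorted(p for p, code in statuses.items()
                  if code is not None and 200 <= code < 300)


if __name__ == "__main__":
    BASE_URL = "http://localhost:8080"  # placeholder: instance under test
    exposed = unauthenticated_exposures(probe(BASE_URL))
    for path in exposed:
        print("still anonymous-readable:", path)
    raise SystemExit(1 if exposed else 0)
```

The script exits non-zero while any listed endpoint is still readable without logging in, so it can run as a regression check after the access rules are tightened.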