Bug: block guest from calling api

[stevenwinship]

What this PR does / why we need it: /datasets/:persistentId/versions/:latest-published/downloadsize and /api/v1/datasets/:persistentId/versions/1.0/files/counts returning 200 or 404 for guest users instead of 403

Which issue(s) this PR closes:#11465

• Closes File API: fetch file downloadSize/count if a deaccessioned dataset has no file #11465

Special notes for your reviewer: API is for Authenticated Users only

Suggestions on how to test this: See IT tests

Does this PR introduce a user interface change? If mockups are available, please link/include them here:

Is there a release notes update needed for this change?:

Additional documentation:

[coveralls]

coverage: 23.18% (-0.002%) from 23.182%
when pulling 2f2fd80 on 11465-api-fetch-download-size-file-count
into 74b3bc7 on develop.

[sekmiller]

Looks good. Passing to QA

[github-actions]

📦 Pushed preview images as

ghcr.io/gdcc/dataverse:11465-api-fetch-download-size-file-count

ghcr.io/gdcc/configbaker:11465-api-fetch-download-size-file-count

🚢 See on GHCR. Use by referencing with full name as printed above, mind the registry name.

[ofahimIQSS]

fix looks good- merging

[qqmyers]

@stevenwinship - I didn't think the idea was to block all guest access to these endpoints for any version, but to return a 403 (instead of 404, etc.) when a user is asking about versions they don't have access to (draft or deaccessioned).

[pdurbin]

@qqmyers yes, good call. At standup we agreed to revert this PR. Here's the PR to revert it:

• Revert #11636 "Bug: block guest from calling api" #11693

[pdurbin]

Now that the newer, better post-revert PR has been merged:

• fix file downloadSize/Count after revert #11702

... I'd say it's save to move this from "ready for triage" to "done".