Privileged `createMembership()` access

A forum posting revealed a problem with platform's createMembership() call (AccessControlService):
https://forum.dmx.systems/t/issue-with-creating-membership-through-admin-user-in-dmx-5-2/139

This is a bug.

createMembership() misses the 2-layered access mechanism (analogue to e.g. assignToWorkspace(), createUserAccount()):

HTTP access -- all access checks performed.
Privileged Java access -- no access checks performed. The caller is responsible for securing the request.

Edited Aug 21, 2021 by Jörg Richter