Setting status via API fails silently
When a user attempts to set the
status_id of an issue, but does not have permission to do so, Redmine's API does not respond with an error. The status is not updated, yet the response still indicates success.
I tested this with Admin user on a fresh instance of Redmine, where Admin was not a member of the project.
#8625 is related.