Restricted access to getTargetAssocsByPropertyValue
Using the capitalised NodeService bean, nodeService.getTargetAssocsByPropertyValue can only be run by the system user. This is due to the bean id="NodeService_security" in alfresco-repository/src/main/resources/alfresco/public-services-security-context.xml , in which there is no entry for this method so it defaults to ACL_DENY, preventing access.
Considering that similar methods (e.g. getChildAssocsByPropertyValue) have entries, it seems as though this might be a mistake/bug, unless there is some specific reason that this method should not be used?
Re: Restricted access to getTargetAssocsByPropertyValue
This is most definitely a bug / massive oversight in development + testing by Alfresco. It is unfortunately not that uncommon, as I have had to report various methods with missing security configurations myself in the past.