As a gadget author I would like the user changing statements using the gadget to be authenticated so that they could be credited to the changes they make.
As a gadget author I would like the user changing statements using the gadget to be authorized so that the wiki's editing restrictions are not violated.
Bearer-token based authentication using Authorization HTTP header should be used.
Currently POST requests to /entities/items/{item_id}/statements handle the authentication.
The following requests should also authenticate and authorize the mediawiki user:
DELETE /entities/items/{item_id}/statements/{statement_id}
DELETE /statements/{statement_id}
PUT /entities/items/{item_id}/statements/{statement_id}
PUT /statements/{statement_id}
PATCH /entities/items/{item_id}/statements/{statement_id}
PATCH /statements/{statement_id}