Based on the implementation of #13578 ,the permissions endpoints will forbid users to change anoynmous and/or registered members permissions if they don't have can_manage_anonymous_permissions and/or can_manage_registered_member_permissions permissions.