MXS-1220: Return 403 Forbidden for invalid requests

The JSON API specification suggests that the API returns the 403 Forbidden
error when the user does an invalid request. The 400 Bad Request isn't the
ideal error for cases where the syntax is correct but the action being
performed is wrong.

server/core/test/rest-api/test/schema_validation.js

@@ -35,10 +35,15 @@ describe("Individual Resources", function() {
         "/servers/server1",
         "/servers/server2",
         "/services/RW-Split-Router",
+        "/services/RW-Split-Router/listeners",
         "/monitors/MySQL-Monitor",
         "/filters/Hint",
         "/sessions/1",
         "/maxscale/",
+        "maxscale/threads",
+        "maxscale/logs",
+        "maxscale/tasks",
+        "maxscale/modules",
     ]
 
     tests.forEach(function(endpoint) {