As an admin I can decouple permissions for registry live api and pulp api
add to the policy : view/pull and change/push permissions.
Users who can pull a registry should not be able to make a GET on the pulp api distribution unless this perms explicitly granted. Same stands for push operation.
Please register to edit this issue