Fix: public items

[codeofmochi]

Public items can currently not display the content of an etherpad when viewed from a unauthenticated user: this is because all group pads require sessions to be viewed.

To solve this:

• when an item becomes public or pseudonymized, the pad is moved to a non-group pad. REQUIRE_SESSION must be set to false. If the item is set to private, the pad is set into a group again
• however this is not enough: a non-group pad becomes editable by anyone. So the back-end must ensure that the public endpoints always return a read-only ID, and the private endpoints need to check for a permission >= write to provide an edit URL.

⚠️ public item in Graasp != non-group pad: a public item is not editable, while a non-group pad is. Hence the additional read / write URL distinction.

Update: it seems we cannot set REQUIRE_SESSION to false, otherwise all pads can be opened by name (including private ones in graasp) in the Etherpad UI. To check with actual etherpad instance.