Rest API "Apply Edits request" can theoretically edit/delete features which are not queryable due to layer definition query.
It would help in building secure and robust services if it couldnt.
Thanks for posting this, and thanks again for bringing the issue to light.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.