API permissions are not configured for /organizations endpoint

[nmcharlton]

The /organizations API endpoint does not have user permissions explicitly set in the server.
Querying this endpoint returns 401 Unauthorized.

The symptom of this is that organizations are not listed in the Verify filter or the Edit Planter dialog.

This bug is masked in a development environment because we're skipping API permissions checks.