Implement new roles, as per concept - REST Permissions.
The basic proposal is three roles covering different scenarios: rest-admin, rest-anonymous, and rest-editor (the latter renamed from current rest role).
e.g. for rest-admin
Role name: rest-admin
Full name: REST Administrator
Role description: This role bla bla bla...
(Currently, most roles seem to use description as full name, but let's get this better for rest)