[SM-382] Service Account access policy checks (#2603)

The purpose of this PR is to add access policy checks to service account endpoints.

src/Core/Repositories/IServiceAccountRepository.cs

@@ -1,11 +1,14 @@
 using Bit.Core.Entities;
+using Bit.Core.Enums;
 
 namespace Bit.Core.Repositories;
 
 public interface IServiceAccountRepository
 {
-    Task<IEnumerable<ServiceAccount>> GetManyByOrganizationIdAsync(Guid organizationId);
+    Task<IEnumerable<ServiceAccount>> GetManyByOrganizationIdAsync(Guid organizationId, Guid userId, AccessClientType accessType);
     Task<ServiceAccount> GetByIdAsync(Guid id);
     Task<ServiceAccount> CreateAsync(ServiceAccount serviceAccount);
     Task ReplaceAsync(ServiceAccount serviceAccount);
+    Task<bool> UserHasReadAccessToServiceAccount(Guid id, Guid userId);
+    Task<bool> UserHasWriteAccessToServiceAccount(Guid id, Guid userId);
 }

src/Core/SecretManagerFeatures/AccessTokens/Interfaces/ICreateAccessTokenCommand.cs

@@ -4,5 +4,5 @@ namespace Bit.Core.SecretManagerFeatures.AccessTokens.Interfaces;
 
 public interface ICreateAccessTokenCommand
 {
-    Task<ApiKey> CreateAsync(ApiKey apiKey);
+    Task<ApiKey> CreateAsync(ApiKey apiKey, Guid userId);
 }

src/Core/SecretManagerFeatures/ServiceAccounts/Interfaces/IUpdateServiceAccountCommand.cs

@@ -4,5 +4,5 @@ namespace Bit.Core.SecretManagerFeatures.ServiceAccounts.Interfaces;
 
 public interface IUpdateServiceAccountCommand
 {
-    Task<ServiceAccount> UpdateAsync(ServiceAccount serviceAccount);
+    Task<ServiceAccount> UpdateAsync(ServiceAccount serviceAccount, Guid userId);
 }