refactor scopes for media services

[aditya-mitra]

Summary

🤖 Generated by Copilot at 95d6e2e

This pull request updates the authorization logic for the file-browser, static-resource-filters, and static-resource services to use more granular and specific roles and scopes. This enhances the security and access control for the media files and resources in the server.

References

refs #9161

Explanation

🤖 Generated by Copilot at 95d6e2e

• Restrict external access to the file-browser service by requiring the read scope for the editor role for all methods, and the write scope for the editor role for the create, update, and remove methods (link, link, link)
• Allow external access to the static-resource-filters service by requiring the read scope for the static_resource role for all methods, instead of the admin scope for the admin role (link)
• Restrict external access to the static-resource service by requiring the read scope for the static_resource role for the find method, and the write scope for the static_resource role for the create, update, patch, and remove methods, instead of allowing any external request or the admin scope for the admin role (link, link)
• Import the iff and isProvider functions from feathers-hooks-common in the static-resource-filters and static-resource service hooks to conditionally apply hooks based on the request provider (link, link)

🤖 Generated by Copilot at 95d6e2e

static_resource
role and scopes for services
autumn leaves fall fast

QA Steps

List any additional steps required to QA the changes of this PR, as well as any supplemental images or videos.

Checklist

• If this PR is still a WIP, convert to a draft
• When this PR is ready, mark it as "Ready for review"
• ensure all checks pass
• Changes have been manually QA'd
• Changes reviewed by at least 2 approved reviewers