feat: forbid write apis when resources are managed by gateway

[bzwei]

forbid create/update/delete organzation, team, user apis when DIRECT_SHARED_RESOURCE_MANAGEMENT_ENABLED is True

AAP-24301: Update 2.5 EA EDA API to error on endpoints that correspond to gateway-managed resources

[mkanoor]

@bzwei How do these remote resources get cleaned up once they are in the EDA Database? If there is no delete would there be some system task that will do periodic checks to cleanup resources by synchronizing with the Gateway.
If the Gateway has the UI for doing a create/update/delete which effects the Gateway DB why can't we teach our UI to be getting the list of these remote objects directly listed via the gateway end point. Our list is only going to be partial based on the logged in user. Why not have all the shared resources be stored in Gateway and where we need it we store a ref to the remote object e.g. If organization is remote we should have a remote_resource attribute that stores the value as

{{ GATEWAY_HOST }}/api/v1/organization/15

So in or database we can have references to external objects and not copies. As soon as we start storing copies we have to worry about it going stale. With references we only have a link in our database.

I am guessing eventually the Credentials and Credential Types will also end up as a Remote Resource and when the UI wants to attach them to the Activation it would get the current list from the Gateway and then use a link in our database. When the workers start activation they will make a REST API call to fetch the Credential and Credential Types and do the appropriate things with it and send the data to ansible-rulebook.

[bzwei]

@bzwei How do these remote resources get cleaned up once they are in the EDA Database?
I tested and noticed the local database is in sync with the gateway even when the deletion occurs. There is no extra code to insert/delete the local db. The underly dab module must have the logic to keep them in sync.

[AlanCoding]

Link companion patch ansible/awx#15234