Enable permission check for updating a billing account #581

Open
maxceem opened this issue Sep 29, 2020 · 2 comments
@maxceem
Contributor

maxceem commented Sep 29, 2020

Some time ago we had to disable the permission check for updating a billing account because some use case got broken, see commit e491fff.

Though, as we have now removed the permission check for updating a billing account in the Legacy Project Processor (see issue topcoder-platform/legacy-project-processor#12), we rely on this validation in the Project Service, so we have to consider re-enabling it.

FYI @vikasrohit

@vikasrohit

@acshields we need to discuss this

@maxceem
Contributor Author

maxceem commented Sep 29, 2020

As per discussion on Slack with Vikas:

  • we need to think more about the billing account permission check, because the check we had earlier was preventing a user from updating the billing account for a project but it was not validating whether the same user actually has permissions on the billing account or not, which is more important and I guess is what was implemented in the legacy project processor
  • we can use the next V3 endpoint for getting the billing accounts which a user has access to:
     curl 'https://api.topcoder-dev.com/v3/me/billing-accounts' \
       -H 'pragma: no-cache' \
       -H 'cache-control: no-cache' \
       -H 'accept: application/json, text/plain, */*' \
       -H 'authorization: Bearer <USER TOKEN>' \
       -H 'sec-fetch-site: cross-site' \
       -H 'sec-fetch-mode: cors' \
       -H 'sec-fetch-dest: empty' \
       -H 'accept-language: en-US,en;q=0.9' \
       --compressed
    
  • m2m calls can still perform the operation if they have the scope for billing account updates, BUT no users can do it, even if they are administrators. Users can only do this operation if they have access to the billing account as per the above.
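The decision rule sketched in the comment above, written out as an added example (it is not code from tc-project-service or from the issue author): M2M tokens pass only on scope, user tokens pass only if the requested billing account appears in their `/v3/me/billing-accounts` list, and roles such as administrator are ignored. The scope name, the token fields and the shape of the V3 response are assumptions.

```javascript
// Assumed scope name for M2M tokens allowed to update billing accounts.
const BILLING_ACCOUNT_WRITE_SCOPE = 'write:billing-accounts';

// Constructed sample of what /v3/me/billing-accounts might return for one user.
// The response shape (result.content[].id) and the ids are assumptions.
const SAMPLE_V3_RESPONSE = {
  result: {
    content: [
      { id: 80000010, name: 'Constructed Account A' },
      { id: 80000011, name: 'Constructed Account B' },
    ],
  },
};

// Collect the ids the caller may use, normalised to strings so that
// numeric ids in the response match string ids taken from a request body.
function accessibleBillingAccountIds(v3Response) {
  const content = (v3Response && v3Response.result && v3Response.result.content) || [];
  return new Set(content.map(account => String(account.id)));
}

// auth is the decoded caller identity: { isMachine, scopes } for M2M tokens,
// { isMachine: false, roles } for users. Returns true if the update may proceed.
function canUpdateBillingAccount(auth, requestedBillingAccountId, accessibleIds) {
  if (auth.isMachine) {
    // M2M: the scope alone decides; the account list is not consulted.
    return (auth.scopes || []).includes(BILLING_ACCOUNT_WRITE_SCOPE);
  }
  // User: roles (including administrator) grant nothing here. The only thing
  // that counts is whether the account is one the user can access, which is
  // the check the earlier project-level permission check did not perform.
  return accessibleIds.has(String(requestedBillingAccountId));
}

// Runs the four cases the comment describes and returns the decisions.
function demo() {
  const ids = accessibleBillingAccountIds(SAMPLE_V3_RESPONSE);
  return {
    adminWithoutAccess: canUpdateBillingAccount({ isMachine: false, roles: ['administrator'] }, 80000062, ids),
    userWithAccess: canUpdateBillingAccount({ isMachine: false, roles: [] }, '80000010', ids),
    m2mWithScope: canUpdateBillingAccount({ isMachine: true, scopes: [BILLING_ACCOUNT_WRITE_SCOPE] }, 80000062, ids),
    m2mWithoutScope: canUpdateBillingAccount({ isMachine: true, scopes: ['read:projects'] }, 80000010, ids),
  };
}
```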

@vikasrohit vikasrohit modified the milestones: 3.1.0, Backlog Jan 25, 2021