[STR-1077] Add License Manager resource check on top of admin role for protected APIs

[iago1501]

Summary

• IsValidAuthUser now enforces two conditions: user must be admin AND must have a specific License Manager resource
• Added HasLicenseManagerResourceAsync — queries GET /api/license-manager/users/{userId}/roles and checks if any role contains the required resource key
• Added LmRole / LmResource models for deserializing the LM roles response
• Resource key is declared as Constants.REQUIRED_ADMIN_RESOURCE = "vbase-read-write" (placeholder)

TODOs before releasing

• Replace "vbase-read-write" in dotnet/Data/Constants.cs with the actual LM resource key once the new resource is created in License Manager
• Verify the GET /api/license-manager/users/{userId}/roles endpoint returns the resource key field in the expected shape

Endpoints protected

• listRequests (Download Requests)
• processUnsentRequests (Process Unsent)
• deleteRequest

How to test it

Workspace

• Log in as an admin user with the resource assigned — confirm access is granted (200)
• Log in as an admin user without the resource — confirm access is denied (403)

🤖 Generated with Claude Code

[vtex-io-ci-cd]

Hi! I'm VTEX IO CI/CD Bot and I'll be helping you to publish your app! 🤖

Please select which version do you want to release:

• Patch (backwards-compatible bug fixes)

• Minor (backwards-compatible functionality)

• Major (incompatible API changes)

And then you just need to merge your PR when you are ready! There is no need to create a release commit/tag.

• No thanks, I would rather do it manually 😞

[vtex-io-docs-bot]

Beep boop 🤖

I noticed you didn't make any changes at the docs/ folder

• There's nothing new to document 🤔
• I'll do it later 😞

In order to keep track, I'll create an issue if you decide now is not a good time

• I just updated 🎉🎉

[github-actions]

	Messages
📖	❤️ Thanks!
📖	🎉 PR additions = 93, PR deletions = 16

Generated by 🚫 dangerJS against e8acc14