Support standard M2M scopes - part 3

[maxceem]

Previously we've implemented support for M2M scopes and unified permission rules for some part of endpoints via PR #555 and PR #571

We have to apply the same approach for the rest of the endpoints.

Questions

1. Should we add a separate scope for Timelines? Like:

   • all:projects-timelines
   • write:projects-timelines
   • read:projects-timelines

   or use the same scopes as for projects?

2. Should we add a separate scope for all the metadata? Like:

   • all:projects-metadata
   • write:projects-metadata
   • read:projects-metadata

   or use the same scopes as for projects?

cc @vikasrohit

[vikasrohit]

Both needs separate scopes. for timelines remove projects- i.e. all:timelines and so on. There some other application for timelines in system which I think is in progress but I am not sure if they are using m2m scopes or not or if they use the term timeline at all. So, for now, use xxx:timelines and in case we find it conflicting with some existing scope, we can get it renamed.