Hybrid Cloud Console / RHCLOUD-43767

Refactor workspace access control to use FilterBackend for ACL queryset filtering


      Separate workspace access control concerns by introducing a dedicated WorkspaceACLFilterBackend for list operation filtering, while keeping the Permission class focused on coarse-level access checks.

      Currently, the Permission classes mix authorization logic for:

      • v1 access checks
        • GET/DELETE/PATCH/PUT
        • list
      • v2 access checks
        • GET/DELETE/PATCH/PUT
        • list
      • system user for service-to-service (s2s) communication
        • GET/DELETE/PATCH/PUT
        • list

      Permission classes such as WorkspaceAccessPermission should still handle access to an object, i.e. GET/DELETE/PATCH/PUT.

      For ACL queries we need to use Django filter backends: https://www.django-rest-framework.org/api-guide/filtering/#djangofilterbackend

      Depending on whether v2 checks are enabled, we might need to remove the v1 workspace checks completely.
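
The split described in this ticket, as an added sketch that is not code from the ticket or the project: plain-Python classes that mirror the Django REST Framework method signatures (`has_permission`, `has_object_permission`, `filter_queryset`) without importing the framework. The `ACCESS` table, the `accessible_ids` helper, the `system` flag on the user and the dict-based workspaces are constructed assumptions.

```python
from types import SimpleNamespace

# Constructed sample data: which workspace ids each user may read.
ACCESS = {"alice": {"ws-1", "ws-2"}, "bob": {"ws-2"}}
WORKSPACES = [{"id": "ws-1"}, {"id": "ws-2"}, {"id": "ws-3"}]  # stand-in for a queryset


def accessible_ids(user):
    """Hypothetical lookup (v1 or v2 check behind it); None means unrestricted."""
    if getattr(user, "system", False):  # service-to-service caller
        return None
    return ACCESS.get(user.username, set())


class WorkspaceAccessPermission:
    """Coarse request check plus per-object check; does no list filtering."""

    def has_permission(self, request, view):
        return request.user is not None

    def has_object_permission(self, request, view, obj):
        ids = accessible_ids(request.user)
        return ids is None or obj["id"] in ids


class WorkspaceACLFilterBackend:
    """DRF filter-backend method shape: narrows what a list call returns."""

    def filter_queryset(self, request, queryset, view):
        ids = accessible_ids(request.user)
        if ids is None:
            return list(queryset)
        # With the ORM this would be queryset.filter(id__in=ids).
        return [ws for ws in queryset if ws["id"] in ids]


def list_workspaces(user):
    """Simplified list dispatch: permission gate first, then ACL filtering."""
    request = SimpleNamespace(user=user)
    if not WorkspaceAccessPermission().has_permission(request, None):
        raise PermissionError("not authenticated")
    rows = WorkspaceACLFilterBackend().filter_queryset(request, WORKSPACES, None)
    return [ws["id"] for ws in rows]


def can_access(user, ws_id):
    """Simplified detail dispatch (GET/DELETE/PATCH/PUT): object-level check only."""
    request = SimpleNamespace(user=user)
    perm = WorkspaceAccessPermission()
    obj = next(ws for ws in WORKSPACES if ws["id"] == ws_id)
    return perm.has_permission(request, None) and perm.has_object_permission(request, None, obj)
```

A user with no entry in the access table gets an empty list rather than an error, so the list endpoint does not reveal which workspaces exist.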

              lpichler@redhat.com Libor Pichler