Improve Permission Check to Consider Publisher Access Control when Accessing an API via the DevPortal

[hisanhunais]

Purpose

• This PR fixes the issue where an API with publisher access control is visible in the DevPortal to creators and publishers irrespective whether those users have the restricted roles specified under publisher access control of the API
• Related Public Issue: Direct API URL Access Can Bypass Role Restrictions in Devportal api-manager#3391

Approach

• Implemented the logic to honour the following conditions
  • If the API has not been restricted with publisher access control, the API will be visible to all creators and publishers irrespective of devportal visibility restrictions.
  • If the API has been restricted with publisher access control, the API will be visible to creators and publishers having the roles which has been specified under publisher access control irrespective of devportal visibility restrictions.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}