SEAB-6448: Make various WorkflowResource endpoints refuse to update .dockstore.yml-based workflows

[svonworl]

Description As part of the investigation of https://ucsc-cgl.atlassian.net/browse/SEAB-6448 and https://ucsc-cgl.atlassian.net/browse/SEAB-6449 (see Slack thread https://ucsc-gi.slack.com/archives/C05EZH3RVNY/p1717540768164039), we found via testing that a workflow owner can restub .dockstore.yml-based workflows via the API, and probably update them via various other WorkflowResource endpoints intended only for use on STUB/FULL workflows. This PR changes these endpoints to gracefully refuse to update .dockstore.yml-based workflows.

Review Instructions Create a .dockstore.yml-based workflow on qa, then attempt to restub it via the API. The attempt should fail with a BAD_REQUEST response code and a useful error message.

Issue https://ucsc-cgl.atlassian.net/browse/SEAB-6448 https://ucsc-cgl.atlassian.net/browse/SEAB-6449

Security and Privacy

• [x] Security and Privacy assessed

e.g. Does this change...

• Any user data we collect, or data location?
• Access control, authentication or authorization?
• Encryption features?

Please make sure that you've checked the following before submitting your pull request. Thanks!

• [x] Check that you pass the basic style checks and unit tests by running mvn clean install
• [x] Ensure that the PR targets the correct branch. Check the milestone or fix version of the ticket.
• [x] Follow the existing JPA patterns for queries, using named parameters, to avoid SQL injection
• [x] If you are changing dependencies, check the Snyk status check or the dashboard to ensure you are not introducing new high/critical vulnerabilities
• [x] Assume that inputs to the API can be malicious, and sanitize and/or check for Denial of Service type values, e.g., massive sizes
• [x] Do not serve user-uploaded binary images through the Dockstore API
• [x] Ensure that endpoints that only allow privileged access enforce that with the @RolesAllowed annotation
• [x] Do not create cookies, although this may change in the future
• [x] If this PR is for a user-facing feature, create and link a documentation ticket for this feature (usually in the same milestone as the linked issue). Style points if you create a documentation PR directly and link that instead.

[codecov[bot]]

Codecov Report

Attention: Patch coverage is 84.61538% with 2 lines in your changes missing coverage. Please review.

Project coverage is 74.55%. Comparing base (b881d9c) to head (fdb67c6).

:exclamation: Current head fdb67c6 differs from pull request most recent head 38b28c1

Please upload reports for the commit 38b28c1 to get more accurate results.

Files	Patch %	Lines
...ckstore/webservice/resources/WorkflowResource.java	84.61%	0 Missing and 2 partials :warning:

Additional details and impacted files

```diff @@ Coverage Diff @@ ## develop #5905 +/- ## ============================================== + Coverage 32.14% 74.55% +42.41% - Complexity 2363 5365 +3002 ============================================== Files 375 374 -1 Lines 19418 19439 +21 Branches 2030 2028 -2 ============================================== + Hits 6242 14493 +8251 + Misses 12575 3973 -8602 - Partials 601 973 +372 ``` | [Flag](https://app.codecov.io/gh/dockstore/dockstore/pull/5905/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dockstore) | Coverage Δ | | |---|---|---| | [bitbuckettests](https://app.codecov.io/gh/dockstore/dockstore/pull/5905/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dockstore) | `27.01% <30.76%> (?)` | | | [hoverflytests](https://app.codecov.io/gh/dockstore/dockstore/pull/5905/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dockstore) | `27.42% <15.38%> (?)` | | | [integrationtests](https://app.codecov.io/gh/dockstore/dockstore/pull/5905/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dockstore) | `57.05% <76.92%> (?)` | | | [languageparsingtests](https://app.codecov.io/gh/dockstore/dockstore/pull/5905/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dockstore) | `11.08% <0.00%> (?)` | | | [localstacktests](https://app.codecov.io/gh/dockstore/dockstore/pull/5905/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dockstore) | `21.61% <15.38%> (?)` | | | [toolintegrationtests](https://app.codecov.io/gh/dockstore/dockstore/pull/5905/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dockstore) | `30.35% <15.38%> (+13.00%)` | :arrow_up: | | [unit-tests_and_non-confidential-tests](https://app.codecov.io/gh/dockstore/dockstore/pull/5905/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dockstore) | `25.99% <0.00%> (+0.33%)` | :arrow_up: | | [workflowintegrationtests](https://app.codecov.io/gh/dockstore/dockstore/pull/5905/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dockstore) | `38.38% <53.84%> (?)` | | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=dockstore#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

[sonarcloud[bot]]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
88.2% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud