In cases where a license is expired, or a user has an expired license, releases and artifacts would allow inaccessible releases and artifacts in the underlying scope, which would later fail with an 403 authorization response. Although this was correct behavior i.r.t. authz, this was problematic i.r.t. UX, because it severely complicated and even forbade listing a license's or user's available releases and artifacts, and also completely broke upgrades after expiration, since both cases would return inaccessible resources.
This PR resolves those problems by making the scopes aware of each license's expiration and applies it during scoping, according to each license's expiration strategy.
In cases where a license is expired, or a user has an expired license, releases and artifacts would allow inaccessible releases and artifacts in the underlying scope, which would later fail with an 403 authorization response. Although this was correct behavior i.r.t. authz, this was problematic i.r.t. UX, because it severely complicated and even forbade listing a license's or user's available releases and artifacts, and also completely broke upgrades after expiration, since both cases would return inaccessible resources.
This PR resolves those problems by making the scopes aware of each license's expiration and applies it during scoping, according to each license's expiration strategy.