
fix: use SA token for DWOC fetches in backup routes #1484

Merged
akurinnoy merged 1 commit into main from fix/sa-token-dwoc-backup
Mar 19, 2026

@akurinnoy
Contributor

What does this PR do?

This PR fixes 403 Forbidden errors on backup API endpoints for non-admin users. The PR splits the API clients so that cluster-scoped reads (DWOC, registry auth secrets) use the dashboard service account token, while namespace-scoped reads (DevWorkspaces, Jobs, ImageStreams) continue using the user's token.

Depends on eclipse-che/che-operator#2099

Screenshot/screencast of this PR

What issues does this PR fix or reference?

Is it tested? How?

  1. Deploy Eclipse Che and patch the dashboard image.
  2. Ensure backup is enabled and configured in the DWOC.
  3. Ensure the dashboard SA has DWOC read permission.
  4. Log in as a non-admin user.
  5. Create a workspace and wait for it to be backed up.
     • Backups page - should list the backed-up workspace (not empty, no error)
     • Workspace details -> Backup tab - should show backup status (SUCCESS, schedule, image URL)
  6. Verify no regression as admin: repeat step 5 - everything should work identically.

Release Notes

Docs PR

Regular (non-admin) users got 403 Forbidden when the dashboard read the
DevWorkspaceOperatorConfig (DWOC) — a cluster-level resource in the DWO
namespace that regular users lack RBAC to access.

Use the dashboard service account token for cluster-scoped reads (DWOC,
registry auth secrets) and the user's token for namespace-scoped reads
(DevWorkspaces, Jobs, ImageStreams).

Assisted-by: Claude Opus 4.6

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Signed-off-by: Oleksii Kurinnyi <okurinny@redhat.com>
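
The credential split described above, sketched as an added example that is not code from this PR or from che-dashboard. Every name in it (`pickCredential`, `POLICY`, `toBackupView`, the `RegistryAuthSecret` label, the sample config shape) is hypothetical. It shows the two checks that keep a service-account read from widening what a non-admin caller can reach: a default-deny policy table and a target namespace pinned to server-side configuration.

```typescript
// Added example; all names are hypothetical, not che-dashboard code.
type Credential = 'service-account' | 'user';
interface Tokens { serviceAccount: string; user: string }
interface ReadTarget { kind: string; namespace: string }

// Kinds taken from the PR description. 'RegistryAuthSecret' is a label used
// here for the registry auth secrets, not a Kubernetes kind.
const POLICY: Record<string, Credential> = {
  DevWorkspaceOperatorConfig: 'service-account',
  RegistryAuthSecret: 'service-account',
  DevWorkspace: 'user',
  Job: 'user',
  ImageStream: 'user',
};

// Choose the credential for a read. Kinds without a policy entry are
// rejected, so a new route cannot silently inherit the service account.
function pickCredential(target: ReadTarget, operatorNamespace: string): Credential {
  // Own-property check: 'constructor' or '__proto__' must not match.
  if (!Object.prototype.hasOwnProperty.call(POLICY, target.kind)) {
    throw new Error('no credential policy for kind ' + target.kind);
  }
  const cred = POLICY[target.kind];
  // Service-account reads are pinned to the operator namespace, which comes
  // from server configuration and never from the request.
  if (cred === 'service-account' && target.namespace !== operatorNamespace) {
    throw new Error('service-account read outside operator namespace');
  }
  return cred; // for 'user', cluster RBAC decides whether the read succeeds
}

function authHeader(cred: Credential, tokens: Tokens): string {
  return 'Bearer ' + (cred === 'service-account' ? tokens.serviceAccount : tokens.user);
}

// Constructed sample shape, not the real DWOC schema.
interface SampleConfig { backup: { enabled: boolean; schedule: string; authSecret: string } }
interface BackupView { enabled: boolean; schedule: string }

// Return only what the backup pages display, so values read with the
// service account are not passed through to the caller wholesale.
function toBackupView(cfg: SampleConfig): BackupView {
  return { enabled: cfg.backup.enabled, schedule: cfg.backup.schedule };
}
```
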
@che-bot
Contributor

che-bot commented Mar 18, 2026

Click here to review and test in web IDE: Contribute

@akurinnoy akurinnoy requested a review from dkwon17 March 18, 2026 16:29
@github-actions

Docker image build succeeded: quay.io/eclipse/che-dashboard:pr-1484

kubectl patch command
kubectl patch -n eclipse-che "checluster/eclipse-che" --type=json -p='[{"op": "replace", "path": "/spec/components/dashboard/deployment", "value": {"containers": [{"image": "quay.io/eclipse/che-dashboard:pr-1484", "name": "che-dashboard"}]}}]'

@codecov

codecov bot commented Mar 18, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.37%. Comparing base (dce021f) to head (6f70460).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #1484   +/-   ##
=======================================
  Coverage   93.37%   93.37%           
=======================================
  Files         563      563           
  Lines       54432    54439    +7     
  Branches     4121     4118    -3     
=======================================
+ Hits        50826    50834    +8     
+ Misses       3561     3560    -1     
  Partials       45       45           


@dkwon17
Contributor

dkwon17 commented Mar 18, 2026

Tested with both admin and non admin with backups for internal and external registries:
image

@openshift-ci

openshift-ci bot commented Mar 18, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: akurinnoy, dkwon17, svor

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@akurinnoy akurinnoy merged commit e9d6d21 into main Mar 19, 2026
19 of 20 checks passed
@akurinnoy akurinnoy deleted the fix/sa-token-dwoc-backup branch March 19, 2026 14:36
akurinnoy added a commit that referenced this pull request Mar 19, 2026
dkwon17 pushed a commit that referenced this pull request Mar 19, 2026