Allow for team ownership of files/interactiosn with API

[wdower]

Most use cases for Heimdall (especially pipeline integrations via the API) can benefit from having a team as a logical unit for RBAC purposes. For example, a an app's CI/CD pipeline should be able to push scan output to Heimdall with an API key associated with the entire dev team to make scan content available to all developers without the scan ownership being tied to a particular user.