add access tokens to organization member permissions

Author: n1ru4l

packages/services/api/src/modules/organization/lib/organization-member-permissions.ts

@@ -17,6 +17,13 @@ export const permissionGroups: Array<PermissionGroup> = [
         title: 'Access support tickets',
         description: 'Member can access, create and reply to support tickets.',
       },
+      {
+        id: 'accessToken:modify',
+        title: 'Manage organization access tokens',
+        description: 'Member can create and delete organization access tokens.',
+        warning:
+          'Granting a role the ability to manage members enables it to elevate its own permissions.',
+      },
       {
         id: 'organization:modifySlug',
         title: 'Update organization slug',
@@ -266,7 +273,6 @@ assertAllRulesAreAssigned([
   'appDeployment:publish',
   'appDeployment:retire',
   'usage:report',
-  'accessToken:modify',
 ]);
 
 /**