switch APIKEY to side system to email like Google

[riderx]

Describe the bug/issue
Currently one apikey is a sub entity of an user and duplicate all our RLS check to work for both.
If we apply google system where a APIKEY is an user create by someone then all RLS would be the same for user and APIKEY and simplify all.
this will make thing easier at many level the only complexity is to make this user manageable by the main user.

[riderx]

then switch to https://database.dev/pointsource/supabase_rbac or https://supabase.com/docs/guides/database/postgres/custom-claims-and-role-based-access-control-rbac for all role access