Backport of api: refactor ACL check for namespace wildcard into release/1.3.x

[hc-github-team-nomad-core]

Backport

This PR is auto-generated from #13606 to be assessed for backporting due to the inclusion of the label backport/1.3.x.

The below text is copied from the body of the original PR.

---

Improve how the all namespaces wildcard (*) is handled when checking
ACL permissions. When using the wildcard namespace the AllowNsOp would
return false since it looks for a namespace called * to match.

This commit changes this behavior to return true when the queried
namespace is * and the token allows the operation in any namespace.

Actual permission must be checked per object. The helper function
AllowNsOpFunc returns a function that can be used to make this
verification.

#13608 applies this changes to the existing Job and Alloc list endpoints.
#13530 applies this changes to the Eval list endpoint to fix a bug.

The work has been split to allow for easier backporting.

[github-actions]

I'm going to lock this pull request because it has been closed for 120 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.