Add /api/v1/admin/domain_allows (#18668)

- `GET /api/v1/admin/domain_allows` lists allowed domains
- `GET /api/v1/admin/domain_allows/:id` shows one by ID
- `DELETE /api/v1/admin/domain_allows/:id` deletes a given domain from the list
  of allowed domains
- `POST /api/v1/admin/domain_allows` to allow a new domain:
  if that domain is already allowed, the existing DomainAllow will be returned

app/policies/domain_allow_policy.rb

@@ -1,6 +1,14 @@
 # frozen_string_literal: true
 
 class DomainAllowPolicy < ApplicationPolicy
+  def index?
+    admin?
+  end
+
+  def show?
+    admin?
+  end
+
   def create?
     admin?
   end