ADM-OPERATION-251 - Add accounts to a PRIVATE Operation

Adds one or more accounts to a PRIVATE Operation to control visibility.

Feature flag

• Requires OPERATIONS_ENABLED to be active.
  
  

Access control

• OPERATOR: can add any account to any PRIVATE Operation.
  
• ACCOUNT (FOC): can add accounts only on Operations they own (ownerId = customerUserId) and if they have the OPERATIONS_ADD_ACCOUNTS permission.
  
  

Store scoping

• Effective store is the dj-store header if provided, otherwise the tenant default store.
  
• ACCOUNT must be attached to the effective store; otherwise 403.
  
  

Constraints

• Only DRAFT Operations are editable.
  
• Only PRIVATE Operations accept account associations.
  
• Request body must be a non-empty array of accountExternalId strings.
  
• Already linked accounts are ignored.
  
• Unknown accounts are ignored.
  
• If none of the provided IDs are valid, the API returns 404.