chore: implement 'use' verb to template object, read has less scope now (#16075)

Template `use` is now a verb.
- Template admins can `use` all templates (org template admins same in
org)
- Members get the `use` perm from the `everyone` group in the
`group_acl`.

coderd/rbac/roles_test.go

@@ -232,6 +232,17 @@ func TestRolePermissions(t *testing.T) {
 				false: {setOtherOrg, orgAuditor, orgUserAdmin, memberMe, userAdmin, orgMemberMe},
 			},
 		},
+		{
+			Name:    "UseTemplates",
+			Actions: []policy.Action{policy.ActionUse},
+			Resource: rbac.ResourceTemplate.InOrg(orgID).WithGroupACL(map[string][]policy.Action{
+				groupID.String(): {policy.ActionUse},
+			}),
+			AuthorizeMap: map[bool][]hasAuthSubjects{
+				true:  {owner, orgAdmin, templateAdmin, orgTemplateAdmin, groupMemberMe},
+				false: {setOtherOrg, orgAuditor, orgUserAdmin, memberMe, userAdmin, orgMemberMe},
+			},
+		},
 		{
 			Name:     "Files",
 			Actions:  []policy.Action{policy.ActionCreate},