Add account locks to getAccountWithAuthorizationClaims method

[pascal-fischer]

Describe your changes

There was a race condition within the getAccountWithAuthorizationClaims method which was causing some operations to not store the updated data properly in the backend because it was overwriting with an old state. This PR adds account locks to this method to avoid overwriting.

How I reproduced:

• make sure you reach line 1782 in account.go (either remove the top conditions or use single account mode and change your env)
• add a random sleep between 0 and 2 seconds either in the updateAccountDomainAttributes right before the SaveAccount (line 1420) or within the SaveAccount method itself like

time.Sleep(time.Duration(rand.Float64() * float64(time.Second)))

• add a process querying any api endpoint so that the domain attributes get updated with a small enough frequency like

while true; do
 curl --request GET --url http://localhost/api/setup-keys --header 'Authorization: Token <PAT>' >/dev/null 2>&1
 sleep 0.2
done

• try to create a setup key

curl --request POST --url http://localhost/api/setup-keys --header 'Accept: application/json' --header 'Authorization: Token <PAT>' --header 'Content-Type: application/json' --data '{"name":"key1","type":"one-off","expires_in":604800,"revoked":false,"auto_groups":[],"usage_limit":1,"ephemeral":false}'

For the majority of attempts, this will not work and the key is not persistent in the database even though the API returns with success.

Issue ticket number and link

netbirdio/dashboard#371

Checklist

• Is it a bug fix
• Is a typo/documentation fix
• Is a feature enhancement
• It is a refactor
• Created tests that fail without the change (if possible)
• Extended the README / documentation, if necessary