Update Epic policy to take `confidential` attribute into account
Epic's permissions should take into account also epic's confidentiality.
Because confidential epics will be implemented behind a feature flag, confidentiality should be checked only if confidential_epics
feature flag is enabled.
Rules should be similar to confidential issues
This task will update only Epic policy - there are some places where we check epic permission against epic group, but these will be fixed separately.
Related to #197339 (closed)
Edited by Jan Provaznik