
    Only work with accessible review groups/repositories in conditions.

    Review Request #10410 — Created Feb. 16, 2019 and submitted — Latest diff uploaded

    Information

    Review Board
    release-3.0.x
    4ecd325...

    Reviewers

    Conditions for review groups and repositories previously listed all
    entries in the database, whether or not they'd be accessible to the
    user. This wasn't a problem in the ways that conditions have been used
    so far (since only superusers would be able to configure these and could
    even see these lists), but this would be a security risk for future
    features that involve Local Site admins or normal users.

    This change updates these conditions to only return accessible review
    groups or repositories. For Local Site admins, they'll only be able to
    see the ones on their team, and normal users would only be able to see
    public ones or ones they're on the access lists for.

    The choices also no longer include entries that should be hidden, like
    archived repositories, cleaning up the list further even in the standard
    cases we have today.

    As part of this improvement, the .accessible() query functions for
    review groups and repositories have been improved a bit, adding new
    documentation and a parameter for specifying whether Local Sites should
    even be factored into the query (so that all entries regardless of the
    local_site parameter would be returned).

    Unit tests pass.

    Tested this along with some upcoming work for RBCommons involving
    conditions on the Team Admin UI.
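
The filtering rule described in this review request, as a simplified self-contained model. This is an added illustration, not Review Board's own code: the `User` and `Repo` classes, the `ALL_SITES` sentinel, the function names and the sample data are all constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

ALL_SITES = object()  # hypothetical sentinel: ignore Local Sites entirely


@dataclass(frozen=True)
class User:
    name: str
    is_superuser: bool = False
    admin_of: frozenset = frozenset()  # Local Sites this user administers


@dataclass(frozen=True)
class Repo:
    name: str
    local_site: Optional[str] = None  # None = not on any Local Site
    public: bool = True
    archived: bool = False
    access_list: frozenset = frozenset()


# Constructed sample data.
REPOS = [
    Repo("global-public"),
    Repo("global-private", public=False, access_list=frozenset({"alice"})),
    Repo("global-archived", archived=True),
    Repo("team-a-private", local_site="team-a", public=False),
    Repo("team-b-private", local_site="team-b", public=False),
]


def unfiltered_choices(repos):
    """Old behaviour: every database entry becomes a choice."""
    return [r.name for r in repos]


def accessible_choices(repos, user, local_site=None):
    """New behaviour: only visible entries the user may access."""
    names = []
    for r in repos:
        if r.archived:
            continue  # hidden entries are never offered
        if local_site is not ALL_SITES and r.local_site != local_site:
            continue  # scope to the requested Local Site
        if (user.is_superuser or r.public or user.name in r.access_list
                or r.local_site in user.admin_of):
            names.append(r.name)
    return names
```
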