Check asset requests against active workflows #113
Description
Once we have #112, we should check incoming requests for assets against the active workflows, as well as against the policies. The WorkflowOrchestrator would have to send execution requests also to asset sources, not just to sites running steps. Then only if there is permission and an active workflow do we send the asset. And in the future, update our accounting system to bill the owner of the workflow, where applicable.