fix: The permissions issue of the editor role accessing some backend … (#6945)

Co-authored-by: liuzhenghua-jk <liuzhenghua-jk@360shuke.com>

api/controllers/console/app/message.py

@@ -149,8 +149,7 @@ class MessageAnnotationApi(Resource):
     @get_app_model
     @marshal_with(annotation_fields)
     def post(self, app_model):
-        # The role of the current user in the ta table must be admin or owner
-        if not current_user.is_admin_or_owner:
+        if not current_user.is_editor:
             raise Forbidden()
 
         parser = reqparse.RequestParser()