[PM-20642] - [Vault] [Web App] Front End Changes to Enforce "Remove card item type policy" (#15097)

* add restricted item types service and apply it to filter web cipher

* code cleanup. add shareReplay

* account for multiple orgs when restricting item types

* restrict item types for specific orgs

* clean up logic. use policiesByType$

* track by item.type

* clean up filtering. prefer observable. do not exempt owners for restricted item types

* simplify in vault-filter. move item filter logic to vault. fix tests

* don't return early in filter-function

libs/common/src/admin-console/services/policy/default-policy.service.ts

@@ -228,15 +228,19 @@ export class DefaultPolicyService implements PolicyService {
       case PolicyType.MaximumVaultTimeout:
         // Max Vault Timeout applies to everyone except owners
         return organization.isOwner;
+      // the following policies apply to everyone
       case PolicyType.PasswordGenerator:
-        // password generation policy applies to everyone
+        // password generation policy
+        return false;
+      case PolicyType.FreeFamiliesSponsorshipPolicy:
+        // free Bitwarden families policy
+        return false;
+      case PolicyType.RestrictedItemTypes:
+        // restricted item types policy
         return false;
       case PolicyType.PersonalOwnership:
         // individual vault policy applies to everyone except admins and owners
         return organization.isAdmin;
-      case PolicyType.FreeFamiliesSponsorshipPolicy:
-        // free Bitwarden families policy applies to everyone
-        return false;
       default:
         return organization.canManagePolicies;
     }