Redirect user to platform supported collection

* AAP 2.5 Controller 4.6 Org, User, and Team endpoints are restricted.
  When the user performs a restricted operation via the Controller
  collection, kindly notify them that they should be using the platform
  collection instead.

awx_collection/plugins/module_utils/controller_api.py

@@ -525,7 +525,18 @@ class ControllerAPIModule(ControllerModule):
                 self.fail_json(msg='Invalid authentication credentials for {0} (HTTP 401).'.format(url.path))
             # Sanity check: Did we get a forbidden response, which means that the user isn't allowed to do this? Report that.
             elif he.code == 403:
-                self.fail_json(msg="You don't have permission to {1} to {0} (HTTP 403).".format(url.path, method))
+                # Hack: Tell the customer to use the platform supported collection when interacting with Org, Team, User Controller endpoints
+                err_msg = he.fp.read().decode('utf-8')
+                try:
+                    # Defensive coding. Handle json responses and non-json responses
+                    err_msg = loads(err_msg)
+                    err_msg = err_msg['detail']
+                # JSONDecodeError only available on Python 3.5+
+                except ValueError:
+                    pass
+                prepend_msg = " Use the collection ansible.platform to modify resources Organization, User, or Team." if (
+                    "this resource via the platform ingress") in err_msg else ""
+                self.fail_json(msg="You don't have permission to {1} to {0} (HTTP 403).{2}".format(url.path, method, prepend_msg))
             # Sanity check: Did we get a 404 response?
             # Requests with primary keys will return a 404 if there is no response, and we want to consistently trap these.
             elif he.code == 404: