Users should only access time entries that belongs to them

In all actions of the API namespace for time entries, we should make sure that the data that is going to be manipulated actually belongs to the requesting user.

TODO:
Apply the necessary changes to the DAO of the time entries and its corresponding tests.