feat: Only show "Team Settings" menu for users with teamEditor role

[DafyddLlyr]

What does this PR do?

• Visually hides "Team Settings" menu for users who do not have the teamEditor or platformAdmin roles
  • Also handle "Global Settings" and "Flow Settings" displaying in the incorrect context
• Adds route guard for <team>/settings
  • Also added a guard for <team>/<flow>/settings and /global-setting as these were previously missed
• Correctly sets up Hasura permissions for the teamEditor role

If we decide we want / need a teamAdmin role we can add one in future but this seems fine to me for the moment

TeamEditor

Not TeamEditor

[github-actions]

Removed vultr server and associated DNS entries

[Mike-Heneghan]

Working as expected for me on the pizza with regard to hiding of the settings link 👍

As you mentioned I can still access the route but I see that's on the TODO.

Although I was surprised that I think the Hasura permissions still allowed me to edit the forms when I believe I was just a TeamViewer.

I was also able to update other teams design settings.

My user permissions:

"is_platform_admin": false,
"is_staging_only": false,
"teams": [
  {
    "role": "teamEditor",
    "team": {
      "slug": "templates"
    }
  },
  {
    "role": "teamViewer",
    "team": {
      "slug": "doncaster"
    }
  }
]

Is that expected behaviour or maybe I'm making a mistake locally?

I think this will effectively be resolved with the guard clauses I was just surprised 🤔

[Mike-Heneghan]

Working as expected for me on the pizza with regard to hiding of the settings link 👍

As you mentioned I can still access the route but I see that's on the TODO.

Although I was surprised that I think the Hasura permissions still allowed me to edit the forms when I believe I was just a TeamViewer.

I was also able to update other teams design settings.

My user permissions:

"is_platform_admin": false,
"is_staging_only": false,
"teams": [
  {
    "role": "teamEditor",
    "team": {
      "slug": "templates"
    }
  },
  {
    "role": "teamViewer",
    "team": {
      "slug": "doncaster"
    }
  }
]

Is that expected behaviour or maybe I'm making a mistake locally?

I think this will effectively be resolved with the guard clauses I was just surprised 🤔

Sorry @DafyddLlyr I didn't realised this had been swapped to draft.

[github-actions]

🤖 Hasura Change Summary compared a subset of table metadata including permissions:

Updated Tables (1)

• public.team_themes permissions:

  	insert	select	update	delete
  teamEditor			➕/➖

[DafyddLlyr]

I noticed that this was missing and picked up the fix here. On staging and prod you can navigate to <flow>/settings without the proper permissions.

[DafyddLlyr]

A few related fixes / tidy ups to the change made in this PR , apologies for polluting things a little.

[DafyddLlyr]

This equates to "teams where the user is a teamEditor"

[DafyddLlyr]

@Mike-Heneghan Thanks for taking a look - things should now be resolved 👍

[Mike-Heneghan]

All working as expected for me and thanks for updating the other routes as well!