cleanup user management templates' and views' auth checks with extra permissions context

[teovin]

This PR cleans up some of the user management templates and their repeated request.user checks by creating a context processor that's populated with ui flags. The flags include actions and which users can carry them out, which are then received by the templates, and used to decide what content to render.

I created an access module to define the access conditions. Along with the above, I also used this to power the @user_passes_test_or_403 checks in the user_management view in an attempt to reduce the repetition of the user checks there as well. (I see the @user_passes_test_or_403(lambda user:... is used outside of user management view, and can address those in a separate PR)

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 69.50%. Comparing base (6bf09c5) to head (2443000).
⚠️ Report is 65 commits behind head on develop.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop    #3763      +/-   ##
===========================================
+ Coverage    69.41%   69.50%   +0.08%     
===========================================
  Files           58       60       +2     
  Lines         7870     7942      +72     
===========================================
+ Hits          5463     5520      +57     
- Misses        2407     2422      +15     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[rebeccacremona]

Thanks for giving this a whack; these templates are just wild lol.

The templates are much easier to read with those named booleans, and the reduction of the dozens of inline lambdas in the permission checks is delightfully DRY.

I don't, however, think a context processor is the way to go: context processors run on every HTML request (homepage, settings, playback, etc.), just to build the ~20 flags needed by the user-management pages. I think we can go with a narrower helper, explicitly called by the views that need it. I think that will also be less confusing than having the default context build automatically, and then overriding it in places with calls like context['user_management_perms'] = build_user_management_perms(request, screen=group_name).

I'm going to take a swing at tweaking the architecture of your code, for your consideration: we can looks at the advantages and disadvantages of both together and pick whichever aspects seem cleanest and most intuitive 🤝

[rebeccacremona]

Alrighty! I made a PR to your PR: teovin#2

When you're back, let's chat about whether you like these ideas, or whether I messed up something about your original structure!

Cheers,