Restrict menu/pages based on the various relations the user might have with the organization

We need to restrict menu items, pages, and forms to users who don't have access to those.

For example, a Red Hat with only the EMPLY role should not see a link to the contact form or the edit of my organization. The roles and their "access" is defined in this document:

https://docs.google.com/document/d/1Xg3RgQoJokBtT5cdCYeLipp8evcf3tnvwjvaPDRubhY/edit#heading=h.wgdfe35rbw0c

@malowe I am thinking that the API should be responsible for answering the question of what the user has access to.

I am thinking we might need an endpoint that would return a list of links for the sidebar menu based on the various relations that the user might have with the organization.

WDYT?

Edited Nov 03, 2021 by Christopher Guindon