Update access for cas_admin and cas_analyst

[BCerki]

Dependencies

Blocked by #2493 and #2494 (not technically blocked, but will avoid conflicts and be easier to wrap our heads around)
Blocked by #2522

Description:

As a cas-admin or cas_analyst user, I should have edit and view-only functionality as listed in this table.

Acceptance Criteria:

cas_admin:

• Only editable piece is internal user access
• View-only access to the external user grid
• can't assign boro or bcghg id
• Check and update the endpoint and service permissions for this new role to ensure the user has the correct access.
  cas_analyst
• Manage first-time operator admin role approvals
• Manage Transfers
• view only everything else
  both
• reg 1 still needs to be accessible by cas_admin and cas_analyst, same as before

Development Checklist:

• update conditionality to the operator admin role approvals (added in Creation of cas_view_only user role #2494) so that cas_admin cannot manage first-time operator admin role approvals (only cas_director and cas_analyst can)

• can't assign boro or bcghg id (this should already be done as part of Creation of cas-director user role #2493

• make sure reg 1 users still have access

• confirm that cas_admin can/can't only do the things in the miro board

• all cas users can view everything, so check if we need the internal admin vs internal dashboard, or if we can just use one

• [ ] Meets the DOD

Definition of Ready (Note: If any of these points are not applicable, mark N/A)

• User story is included
• User role and type are identified
• Acceptance criteria are included
• Wireframes are included (if required)
• Design / Solution is accepted by Product Owner
• Dependencies are identified (technical, business, regulatory/policy)
• Story has been estimated (under 13 pts)

·Definition of Done (Note: If any of these points are not applicable, mark N/A)

• Acceptance criteria are tested by the CI pipeline
• UI meets accessibility requirements
• Configuration changes are documented, documentation and designs are updated
• Passes code peer-review
• Passes QA of Acceptance Criteria with verification in Dev and Test
• Ticket is ready to be merged to main branch
• Can be demoed in Sprint Review
• Bugs or future work cards are identified and created
• Reviewed and approved by Product Owner

Notes:

[BCerki]

Manage first-time operator admin role approvals (#2059) and Manage Transfers (#2427) are in-progress, so no role can do either of these at the moment. Giving access to the correct roles is part of those tickets

[vesselak]

Manage first-time operator admin role approvals (#2059) and Manage Transfers (#2427) are in-progress are in progress so the functionality should be tested as part of those tickets. I can assume the roles and navigate in the dev environment