fix: Dashboard aware RBAC "Save as" menu item

[john-bodley]

SUMMARY

This PR (alongside #24789) fixes #24782.

Specifically (per #24782 (comment)) this PR ensures that the Save as menu item is not present when the DASHBOARD_RBAC feature is enabled and the user is neither an admin nor an owner. Note it's unclear whether a non-owner (irrespective of the feature flag setting) should ever be able to Save as a dashboard, though this PR simply preserves said behavior.

Regarding the backend logic he DashboardRestApi.copy_dash method invokes the @with_dashboard decorator which in turn calls DashboardDAO.get_by_id_or_slug which has the necessary security checks to ensure ensure said user has access. The conundrum is, if you ask where the user has access to the dashboard the answer is "yes", even though we're stating they can't copy it. The solution to this seems to be to add logic within the dashboard DAO.

BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF

BEFORE

AFTER

TESTING INSTRUCTIONS

ADDITIONAL INFORMATION

• Has associated issue:
• Required feature flags:
• Changes UI
• Includes DB Migration (follow approval process in SIP-59)
  • Migration is atomic, supports rollback & is backwards-compatible
  • Confirm DB migration upgrade and downgrade tested
  • Runtime estimates and downtime expectations provided
• Introduces new feature or API
• Removes existing feature or API

cc: @mdeshmu @sfirke

[codecov]

Codecov Report

Merging #24806 (089896f) into master (5522fac) will increase coverage by 0.00%.
Report is 2 commits behind head on master.
The diff coverage is 36.00%.

❗ Current head 089896f differs from pull request most recent head fe44656. Consider uploading reports for the commit fe44656 to get more accurate results

@@           Coverage Diff           @@
##           master   #24806   +/-   ##
=======================================
  Coverage   69.00%   69.00%           
=======================================
  Files        1906     1906           
  Lines       74138    74147    +9     
  Branches     8208     8209    +1     
=======================================
+ Hits        51158    51166    +8     
- Misses      20857    20858    +1     
  Partials     2123     2123           

Flag	Coverage Δ
hive	54.17% <4.34%> (-0.01%)	⬇️
javascript	55.84% <100.00%> (+<0.01%)	⬆️
mysql	79.21% <30.43%> (+<0.01%)	⬆️
postgres	79.31% <30.43%> (+<0.01%)	⬆️
presto	54.07% <4.34%> (-0.01%)	⬇️
python	83.37% <30.43%> (+<0.01%)	⬆️
sqlite	77.89% <30.43%> (+<0.01%)	⬆️
unit	55.04% <4.34%> (-0.01%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files Changed	Coverage Δ
superset-frontend/src/dashboard/actions/hydrate.js	2.04% <ø> (ø)
...et-frontend/src/dashboard/components/SaveModal.tsx	39.28% <ø> (ø)
superset/cli/native_filters.py	0.00% <0.00%> (ø)
...uperset/utils/dashboard_filter_scopes_converter.py	15.38% <0.00%> (-0.41%)	⬇️
...set-frontend/src/dashboard/util/permissionUtils.ts	88.23% <100.00%> (+1.56%)	⬆️
superset/daos/dashboard.py	96.77% <100.00%> (+0.04%)	⬆️
superset/dashboards/api.py	92.60% <100.00%> (+0.05%)	⬆️

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[mdeshmu]

@john-bodley can you please look into failing tests.

[mdeshmu]

@betodealmeida @villebro @michael-s-molina Please review this.

[michael-s-molina]

I think you mistakenly committed _update-notifier-last-checked. Could you delete it?

[michael-s-molina]

LGTM but please remove _update-notifier-last-checked before merging it.