* Add `delete-project` and `modify-admin` admin capabilities
* Add `isSuperAdmin` check
* Replace frontend checks
* Add requireAdminPermission middleware on disable2FA
* Remove `isSuperAdmin` tag
* Fix tests on admin capabilities
* Replace isSuperAdmin tests by tests in admin-roles
* Replace superadmin tests by admin-capabilities
* Update tests: server-pro admins are superadmins
* Remove "In Server Pro, all Admin users are also Super Admins"
* Update tests after revert "server-pro admins are superadmins"
* Create capability "delete-2fa"
* Add special privileges for admins in Server Pro to preserve the existing behaviour
* Reorder definitions to avoid future eslint error
* Add super_admins admin-role
* Add some sensible capabilityDependencies
* Fix inconsistency: super_admins -> super_admin
* In tests, await controller methods instead of using manual promises
Co-authored-by: Andrew Rumble <andrew.rumble@overleaf.com>
---------
Co-authored-by: Andrew Rumble <andrew.rumble@overleaf.com>
GitOrigin-RevId: ca1fff3ead5b2001cb5d5d25de15970d55fb2c1b
1c01d6048a