[Fixes #14152] Restrict the creation of remote resources to administrators only by default #14156

Open
nrjadkry wants to merge 2 commits into master from ISSUE_14152

@nrjadkry nrjadkry commented Apr 22, 2026

Fixes #14152

Checklist

Reviewing is a process done by project maintainers, mostly on a volunteer basis. We try to keep the overhead as small as possible and appreciate if you help us to do so by completing the following items. Feel free to ask in a comment if you have troubles with any of them.

For all pull requests:

  • Confirm you have read the contribution guidelines
  • You have sent a Contribution Licence Agreement (CLA) as necessary (not required for small changes, e.g., fixing typos in the documentation)
  • Make sure the first PR targets the master branch, eventual backports will be managed later. This can be ignored if the PR is fixing an issue that only happens in a specific branch, but not in newer ones.

The following are required only for core and extension modules (they are welcomed, but not required, for contrib modules):

  • There is a ticket in https://github.com/GeoNode/geonode/issues describing the issue/improvement/feature (a notable exemption is, changes not visible to end-users)
  • The issue connected to the PR must have Labels and Milestone assigned
  • PR for bug fixes and small new features are presented as a single commit
  • PR title must be in the form "[Fixes #<issue_number>] Title of the PR"
  • New unit tests have been added covering the changes, unless there is an explanation on why the tests are not necessary/implemented

Submitting the PR does not require you to check all items, but by the time it gets merged, they should be either satisfied or inapplicable.

@cla-bot cla-bot Bot added the cla-signed CLA Bot: community license agreement signed label Apr 22, 2026
@gemini-code-assist gemini-code-assist Bot left a comment

Code Review

This pull request introduces a new permission mechanism to control the addition of remote resources across documents, services, and datasets. It implements a synthetic permission, add_remote_resource, which is governed by the new REGISTERED_USERS_CAN_ADD_REMOTE_RESOURCES setting. The changes include integration of permission checks in the respective views and API endpoints, along with extensive unit tests. Feedback was provided to enhance test coverage by explicitly verifying database state after successful resource creation.


response = self.client.post(reverse("document_upload"), data=form_data)
self.assertEqual(response.status_code, 302)
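
Review bot: The assertion self.assertEqual(response.status_code, 302) accepts any redirect, so this test also passes if the POST is redirected for a reason other than a successful upload, such as a redirect to a login page. Assert the redirect target as well, for example with assertRedirects, so the success path is distinguished from a denial.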

medium

To make this test more robust, it's a good practice to also verify that the document has been successfully created in the database, not just that the request resulted in a redirect.

Suggested change
self.assertTrue(Document.objects.filter(title=title).exists())

codecov Bot commented Apr 22, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 74.61%. Comparing base (94ca636) to head (a4c9529).
⚠️ Report is 2 commits behind head on master.

Additional details and impacted files
@@            Coverage Diff             @@
##           master   #14156      +/-   ##
==========================================
- Coverage   74.62%   74.61%   -0.02%     
==========================================
  Files         958      958              
  Lines       57891    58134     +243     
  Branches     7889     7943      +54     
==========================================
+ Hits        43202    43375     +173     
- Misses      12927    12994      +67     
- Partials     1762     1765       +3     

Comment thread geonode/services/views.py

@login_required
def register_service(request):
check_add_remote_resource_perm(request.user)
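
Review bot: check_add_remote_resource_perm(request.user) is called as a bare statement on the first line of register_service, so its return value is ignored and denial depends entirely on the helper raising. State that contract in the helper's docstring, and add a test that a non-admin GET is refused as well as a POST, since the check runs before the view looks at the request method.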
@nrjadkry I think this check should go under the POST case

My fault @nrjadkry, I thought it was another section of the UI. Of course we don't want to present the form to non-admins by default.
Forget it.
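
The placement settled in this thread (check before the method branch, default deny), as an added sketch that is not GeoNode's code or part of this PR. Only the names `check_add_remote_resource_perm`, `register_service`, `add_remote_resource` and `REGISTERED_USERS_CAN_ADD_REMOTE_RESOURCES` come from the page; the helper body, the `User` class, the `store` list, the 403 response and treating "administrator" as `is_superuser` are assumptions.

```python
from dataclasses import dataclass

# Setting name is from the PR summary. The False default is an assumption
# matching the PR title ("administrators only by default").
SETTINGS = {"REGISTERED_USERS_CAN_ADD_REMOTE_RESOURCES": False}


class PermissionDenied(Exception):
    """Stand-in for django.core.exceptions.PermissionDenied."""


@dataclass
class User:  # hypothetical minimal user model
    username: str
    is_authenticated: bool = True
    is_superuser: bool = False


def check_add_remote_resource_perm(user, settings=SETTINGS):
    """Hypothetical body: return None if allowed, raise PermissionDenied if not."""
    if not user.is_authenticated:
        raise PermissionDenied("login required")
    if user.is_superuser:  # assumption: administrators always pass
        return
    if not settings.get("REGISTERED_USERS_CAN_ADD_REMOTE_RESOURCES", False):
        raise PermissionDenied("add_remote_resource denied")


def register_service(method, user, settings=SETTINGS, store=None):
    """Toy view returning (status, body). The check runs before method dispatch,
    so a denied user neither sees the form (GET) nor creates anything (POST)."""
    store = [] if store is None else store
    try:
        check_add_remote_resource_perm(user, settings)
    except PermissionDenied:
        return 403, "forbidden"
    if method == "POST":
        store.append(user.username)  # stands in for creating the remote service
        return 302, "created"
    return 200, "form"
```

Passing the `store` list in lets a test assert on what was actually created rather than on the status code alone.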

Development

Successfully merging this pull request may close these issues.

Restrict the creation of remote resources to administrators only by default