Add the ability to debug a given Flagsmith user's permissions

[matthewelwell]

As our permission system gets more complicated, answering the question “what resources does this Flagsmith user have access to?” is becoming annoying. Users can now have permissions directly, through groups, through roles, or through roles attached to groups. This will allow an administrator to see which resulting permissions a user has from any of their methods of attaching them.

[kyle-ssg]

I guess this will need some form of API, we'd want to return where the permission is coming from, something like

/api/v1/environments/{environment_api_key}/user-permissions/{id}/all
/api/v1/projects/{project_id}/user-permissions/{id}/all


{
    "admin": boolean,
    "permissions": {
        "permission_key": string,
        "tags": number[],
        "derived_from": { // if both of these are undefined it means its a user permission
            "group": number | undefined, // what group it came from if any
            "role": number | undefined // what role it came from if any
        }
    }[]
}

[matthewelwell]

Next steps on this one are:

1. @tiagoapolo and @rolodato to discuss and design UI / build requirements (reach out to customers if needed)
2. TBC - design API interface, similar to what kyle has suggested

[rolodato]

Here is a brief video describing the problem without mentioning this specific solution/approach too much:

Screen.Recording.2025-03-06.at.11.56.04.mov