Closes #2663

This PR sets visible/nonvisible and editable/readonly permissions on the fields of ClaimsProvider for superuser and Cal-ITP group members, and lets Cal-ITP group members add instances of the ClaimsProvider model.

Reviewing

Set DJANGO_ALLOWED_HOSTS=benefits.calitp.org,localhost in your .env file (and don't forget to source .env in the dev container's terminal) so that you can see the add ClaimsProvider model behavior as it would run on prod. Otherwise, you will always be able to add the ClaimsProvider model because of

def has_add_permission(self, request):
        if settings.RUNTIME_ENVIRONMENT() != settings.RUNTIME_ENVS.PROD:
            return True

Log in to the admin interface as a superuser and verify the checklist for superuser shown below.

Log in to the admin interface as a Cal-ITP group member (the easiest way to set up a Cal-ITP group member is to remove the superuser attribute from the benefits-admin user and to add it to the Cal-ITP group) and verify the checklist for Cal-ITP group member shown below.

For the verification, ensure model and field permissions match the permissions in the Benefits admin configuration spreadsheet for model/field permissions for each user level (Admin, Cal-ITP, Transit agency). Note that in this spreadsheet, each field indicate the lowest level user type, e.g. if a field is marked as readable by Cal-ITP, then it should also be readable by a superuser.

superuser

• Confirm all fields of ClaimsProvider are visible and editable as before
• Confirm ClaimsProvider can be added as before

Cal-ITP group member

• Confirm correct fields are visible/nonvisible, and editable/readonly
• Confirm new instances of the ClaimsProvider model can be added AND saved