MAB-728: Improve role invite permission

[Joselgc1]

Description

When inviting users, the role dropdown showed all available roles regardless of the inviting user's permissions, meaning any user with invite access could assign roles they shouldn't be able to. Added a new assignableRoles GraphQL query on the backend that filters the role list based on the user's permissions: users with can_see_users still see all roles, but others only see roles they've been explicitly authorized to assign. The invite button is hidden entirely when the user has no assignable roles.

Useful links

• https://www.notion.so/Improve-role-invite-permission-311d463fd8c4803dab41cb04a63b2b1f?source=copy_link

Type of change

• Bug fix (non-breaking change which fixes an issue)
• Improvement (refactor or addition to existing functionality)

Checklist:

( * == Mandatory )

• - I have set myself as assignee of the pull request
• - My code follows the style guidelines of this project
• - Linting does not generate new warnings
• - I have performed a self-review of my own code
• - I have put the ticket for review, adding the oort-backend team to the list of reviewers
• - I have commented my code, particularly in hard-to-understand areas
• - I have put JSDoc comment in all required places
• - My changes generate no new warnings
• - I have included screenshots describing my changes if relevant
• - I have selected labels in the Pull Request, according to the changes with code brings
• I have made corresponding changes to the documentation ( if required )
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• Any dependent changes have been merged and published in downstream modules