
Users without project admin permissions cannot update multivariate features

Open rolodato opened this issue 6 months ago • 1 comments

How are you running Flagsmith

  • [x] Self Hosted with Docker
  • [x] Self Hosted with Kubernetes
  • [x] SaaS at flagsmith.com
  • [ ] Some other way (add details in description below)

Describe the bug

Trying to update a multivariate feature's description while not having project admin permissions results in a 403:

{"detail":"User must be project admin to modify / create MV options."}

from https://github.com/Flagsmith/flagsmith/blob/e2dbff2d22db9c14c71886572e6c0022d80f23d5/api/features/serializers.py#L234

Steps To Reproduce

  1. Assign a user CREATE_FEATURE permissions but not project admin
  2. As that user, try to update a multivariate feature's description

The update fails with no error message:

Image

Expected behavior

Allow updating multivariate features while not being project admin.

Screenshots

No response

rolodato avatar May 30 '25 20:05 rolodato

This is somewhat linked to the conversation here. We should invest in reviewing our project level permissions related to the modification of features across all environments.

In the meantime, we will update the FE to not allow users without project admin permissions to trigger this request so that the FE and BE are in agreement.

Next steps:

  1. Create a new issue to bring the FE in line with the API and add to Sprint 1 (@tiagoapolo)
  2. Discuss the above permissions conversation further with @rolodato (@tiagoapolo @gagantrivedi)

matthewelwell avatar Jun 18 '25 13:06 matthewelwell

As per the comment here and the PR here, this issue should no longer be necessary. Closing unless told otherwise.

matthewelwell avatar Sep 03 '25 13:09 matthewelwell