CASS
Prevent Public Resource Creation
From https://github.com/cassproject/CASS/issues/226
The goal of this change is to allow server admins to prevent public creation of competencies, frameworks, etc. by requiring that those requests be associated with a logged-in user, and presumably leaving that enforcement to an OIDC provider.
Security Impact: This will hopefully harden CASS against fuzz attackers.
Presumptive Impact: Servers configured this way will require a slightly modified UI that will understand when their respective instance requires authorized users and disable their "Add New __" widgets when necessary. These changes aren't included here and will be added later.