fix: backport billing-only settings access to 5.0

[jobenjada]

What does this PR do?

Backports #8053 to release/5.0.

Enforces billing-role settings restrictions server-side so billing users are redirected to the billing settings page on Cloud and the enterprise settings page on self-hosted deployments. It also guards direct URL access to restricted organization/account settings pages and aligns the sidebar disabled state for Feedback Directories with other inaccessible settings entries.

Related: ENG-982

How should this be tested?

• pnpm exec eslint "apps/web/app/(app)/workspaces/[workspaceId]/components/SettingsSidebarContent.tsx" "apps/web/app/(app)/workspaces/[workspaceId]/settings/account/layout.tsx" "apps/web/app/(app)/workspaces/[workspaceId]/settings/lib/redirect-billing-role.test.ts" "apps/web/app/(app)/workspaces/[workspaceId]/settings/lib/redirect-billing-role.ts" "apps/web/app/(app)/workspaces/[workspaceId]/settings/organization/api-keys/page.tsx" "apps/web/app/(app)/workspaces/[workspaceId]/settings/organization/billing/page.tsx" "apps/web/app/(app)/workspaces/[workspaceId]/settings/organization/domain/page.tsx" "apps/web/app/(app)/workspaces/[workspaceId]/settings/organization/enterprise/page.tsx" "apps/web/app/(app)/workspaces/[workspaceId]/settings/organization/feedback-directories/page.tsx" "apps/web/app/(app)/workspaces/[workspaceId]/settings/organization/general/page.tsx" "apps/web/app/(app)/workspaces/[workspaceId]/settings/organization/teams/page.tsx" "apps/web/app/(app)/workspaces/[workspaceId]/settings/page.tsx"
• pnpm --filter @formbricks/web exec vitest run "app/(app)/workspaces/[workspaceId]/settings/lib/redirect-billing-role.test.ts"
• Manual regression from fix: enforce billing-only settings access #8053:
  • Verify as billing role on Cloud: restricted settings URLs redirect to /settings/organization/billing.
  • Verify as billing role on self-hosted: restricted settings URLs redirect to /settings/organization/enterprise.
  • Verify owners/managers retain access to organization/account settings pages.

Checklist

Required

• Filled out the "How to test" section in this PR
• Read How we Code at Formbricks
• Self-reviewed my own code
• Commented on my code in hard-to-understand bits
• Ran pnpm build
• Checked for warnings, there are none
• Removed all console.logs
• Merged the latest changes from main onto my branch with git pull origin main
• My changes don't cause any responsiveness issues
• First PR at Formbricks? Please sign the CLA! Without it we wont be able to merge it 🙏

Appreciated

• If a UI change was made: Added a screen recording or screenshots to this PR
• Updated the Formbricks Docs if changes were necessary

  

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud