Prevent supabase role deletion and creation of roles by users without permission

[sagarsrc]

I have read the CONTRIBUTING.md file.

YES

What kind of change does this PR introduce?

Bug fix, resolves supabase#41599

What is the new behavior?

1. if the user manually adds delete=${roleId} query param to the url, and roleId is the role id of a Supabase role, the confirmation dialog won't appear. Instead, the user will get a toast message saying "Cannot delete role as it is a Supabase role".

2. if the user manually adds new=true query param to the url, and he/she isn't allowed to create roles, the action buttons of the side panel ("cancel", "save") are disabled, whether the form values change or not.

Edit: removed useQueryStateWithSelect.

Summary by CodeRabbit

• New Features

  • Creation panel now respects permissions and shows a disabled state when role creation is not allowed.
  • Delete action selection updated to use explicit role selection, improving deletion flow clarity.

• Bug Fixes

  • Deletion modal only appears for a valid selected role; invalid delete requests show contextual toasts and reset the selection.
  • Delete actions more reliably target the intended role, reducing accidental deletes.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

---

Test data recreated from supabase#41600
Target state: open