Admin only custom field

[brunoslalmeida]

Is your feature request related to a problem? Please describe.
Currently, Vendure allows the creation of custom fields, but lacks a mechanism to control the visibility of these fields based on user roles. This presents a challenge when certain items should not be visible to all users, with access restricted only to users with specific roles or administrators.

Describe the solution you'd like
Introduce functionality within Vendure to enable the control of custom field visibility based on user roles. This feature would allow administrators to designate which roles have access to view and edit specific custom fields, ensuring that sensitive or restricted information remains hidden from unauthorized users.

1. Role-Based Visibility and Editability Settings: Enhance the custom field creation interface to include options for specifying which user roles can view and edit each custom field.
2. Integration with Role Permissions: Integrate the visibility and editability settings with Vendure's existing role permissions system, ensuring that only users with the appropriate roles can access and modify designated custom fields.
3. Admin Interface Update: Reflect the configured visibility and editability settings within the admin interface, providing administrators with a clear overview of which roles have access to view and edit each custom field.
4. Backend Enforcement of Access Control: Implement backend logic to enforce visibility and editability restrictions, ensuring that unauthorized users cannot view or modify restricted custom fields, whether through the admin interface or API requests.
5. Documentation and Guidance: Provide comprehensive documentation and guidance to assist administrators in configuring custom field visibility and editability based on user roles effectively.

Describe alternatives you've considered
Today solution can be found at this discussion: https://discordapp.com/channels/1100672177260478564/1204351680104112129

Additional context
One such scenario is the need for administrators to define custom fields, such as a "Featured" flag to qualify sellers, which should only be editable by administrators. Despite granting sellers access to their profile pages for editing their information, certain fields, like the "Featured" flag, should neither be visible nor editable by sellers.