fix: [UIE-9737] - IAM Permissions performance improvements: Firewall entity assignment

[abailly-akamai]

Description 📝

This PR prevents fetching permissions for every linode or nodebalancer when attempting to assign an entity to a firewall. It does so by utilizing the new /entities/<entity_type>?permission=<permission> endpoint.

Changes 🔄

• Fetch available entities with new endpoint and remove fetching logic from the <FirewallDeviceActionMenu /> component
• Map response and send result to <FirewallDeviceActionMenu />
• Update permission disabled messaging
• Update test

Scope 🚢

Upon production release, changes in this PR will be visible to:

• All customers
• Some customers (e.g. in Beta or Limited Availability)
• No customers / Not applicable

Preview 📷

Before	After

How to test 🧪

👉 Use a restricted DevCloud IAM account with large data sets (many linodes)
use a combination of the following permissions:

• linode_viewer: all linodes
• linode_contributor: one linode
• linode_admin: one linode
• firewall_admin: one firewall

Reproduction steps

• Navigate to /firewalls/{firewall you are admin of}/linodes or /firewalls/{firewall you are admin of}/nodebalancers
• 🚫 notice the a permission request for every entity instance

Verification steps

• Navigate to /firewalls/{firewall you are admin of}/linodes or /firewalls/{firewall you are admin of}/nodebalancers
• ✅ notice only one permission request to entities
• ✅ confirm no regression with permission checks
• ✅ confirm permission messaging between linode_contributor and linode_admin linodes (delete_firewall_device check)

Author Checklists

As an Author, to speed up the review process, I considered 🤔

👀 Doing a self review
❔ Our contribution guidelines
🤏 Splitting feature into small PRs
➕ Adding a changeset
🧪 Providing/improving test coverage
🔐 Removing all sensitive information from the code and PR description
🚩 Using a feature flag to protect the release
👣 Providing comprehensive reproduction steps
📑 Providing or updating our documentation
🕛 Scheduling a pair reviewing session
📱 Providing mobile support
♿ Providing accessibility support

• I have read and considered all applicable items listed above.

As an Author, before moving this PR from Draft to Open, I confirmed ✅

• All tests and CI checks are passing
• TypeScript compilation succeeded without errors
• Code passes all linting rules

[linode-gh-bot]

Cloud Manager UI test results

🔺 23 failing tests on test run #2 ↗︎

❌ Failing	✅ Passing	↪️ Skipped	🕐 Duration
23 Failing	839 Passing	11 Skipped	92m 27s

Details

Failing Tests
	Spec	Test
❌	upgrade-volume.spec.ts	Cloud Manager Cypress Tests→volume upgrade/migration » can upgrade an unattached volume to NVMe
❌	upgrade-volume.spec.ts	Cloud Manager Cypress Tests→volume upgrade/migration » can upgrade an attached volume from the volumes landing page
❌	upgrade-volume.spec.ts	Cloud Manager Cypress Tests→volume upgrade/migration » can upgrade an attached volume from the linode details page
❌	delete-volume.spec.ts	Cloud Manager Cypress Tests→volume delete flow » deletes a volume
❌	attach-volume.spec.ts	Cloud Manager Cypress Tests→volume attach and detach flows » attaches a volume to a Linode
❌	migrate-linode-with-firewall.spec.ts	Cloud Manager Cypress Tests→Migrate Linode With Firewall » migrates linode with firewall - real data
❌	smoke-create-image.spec.ts	Cloud Manager Cypress Tests→create image (using mocks) » create image from a linode
❌	create-database.spec.ts	Cloud Manager Cypress Tests→create a database cluster, mocked data » creates a g6-nanode-1 MySQL v8.x 1-node cluster
❌	create-database.spec.ts	Cloud Manager Cypress Tests→create a database cluster, mocked data » creates a g6-dedicated-2 MySQL v8.x 2-node cluster
❌	create-database.spec.ts	Cloud Manager Cypress Tests→create a database cluster, mocked data » creates a g6-dedicated-2 MySQL v5.x 3-node cluster
❌	create-database.spec.ts	Cloud Manager Cypress Tests→create a database cluster, mocked data » creates a g6-nanode-1 PostgreSQL v13.x 3-node cluster
❌	create-database.spec.ts	Cloud Manager Cypress Tests→create a database cluster, mocked data » creates a g7-premium-2 MySQL v8.x 1-node cluster
❌	create-database.spec.ts	Cloud Manager Cypress Tests→create a database cluster, mocked data » creates a g7-premium-4 MySQL v8.x 2-node cluster
❌	linode-config.spec.ts	Cloud Manager Cypress Tests→Linode Config management→End-to-End » Clones a config
❌	resize-linode.spec.ts	Cloud Manager Cypress Tests→resize linode » resizes a linode by increasing size: warm migration
❌	resize-linode.spec.ts	Cloud Manager Cypress Tests→resize linode » resizes a linode by increasing size: cold migration
❌	resize-linode.spec.ts	Cloud Manager Cypress Tests→resize linode » resizes a linode by decreasing size
❌	machine-image-upload.spec.ts	Cloud Manager Cypress Tests→machine image » uploads machine image, mock upload canceled failed event
❌	machine-image-upload.spec.ts	Cloud Manager Cypress Tests→machine image » uploads machine image, mock failed to decompress failed event
❌	machine-image-upload.spec.ts	Cloud Manager Cypress Tests→machine image » uploads machine image, mock expired upload event
❌	linode-storage.spec.ts	Cloud Manager Cypress Tests→linode storage tab » deletes a disk when Linode Disk Encryption is enabled
❌	linode-storage.spec.ts	Cloud Manager Cypress Tests→linode storage tab » add a disk
❌	linode-storage.spec.ts	Cloud Manager Cypress Tests→linode storage tab » resize disk

Troubleshooting

Use this command to re-run the failing tests:

pnpm cy:run -s "cypress/e2e/core/volumes/upgrade-volume.spec.ts,cypress/e2e/core/volumes/delete-volume.spec.ts,cypress/e2e/core/volumes/attach-volume.spec.ts,cypress/e2e/core/firewalls/migrate-linode-with-firewall.spec.ts,cypress/e2e/core/images/smoke-create-image.spec.ts,cypress/e2e/core/databases/create-database.spec.ts,cypress/e2e/core/linodes/linode-config.spec.ts,cypress/e2e/core/linodes/resize-linode.spec.ts,cypress/e2e/core/images/machine-image-upload.spec.ts,cypress/e2e/core/linodes/linode-storage.spec.ts"