Backport of UI: Don't show Resultant-ACL banner when wildcard policy present into release/1.15.x

[hc-github-team-secure-vault-core]

Backport

This PR is auto-generated from #26233 to be assessed for backporting due to the inclusion of the label backport/1.15.x.

🚨

Warning automatic cherry-pick of commits failed. If the first commit failed,
you will see a blank no-op commit below. If at least one commit succeeded, you
will see the cherry-picked commits up to, not including, the commit where
the merge conflict occurred.

The person who merged in the original PR is:
@hashishaw
This person should manually cherry-pick the original PR into a new backport PR,
and close this one when the manual backport PR is merged in.

merge conflict error: POST https://api.github.com/repos/hashicorp/vault/merges: 409 Merge conflict []

The below text is copied from the body of the original PR.

---

This PR is to update the behavior of the Resultant ACL banner so that it no longer shows in child namespaces if the user has a "*" path in their policy.

• Ent tests passed

How to test

To set up namespaces with some users to log in and verify the behavior, run the following script:

# create namespace
vault namespace create admin
vault namespace create -namespace=admin child

# create policies
vault policy write root-admin - <<EOF
path "*" {
capabilities = ["read", "list", "create", "update", "delete"]
}
EOF
vault policy write -namespace=admin admin - <<EOF
path "*" {
capabilities = ["read", "list", "create", "update", "delete"]
}
EOF

# create users
vault auth enable userpass
vault write auth/userpass/users/root password=password policies=root-admin
vault auth enable -namespace=admin userpass
vault auth tune -namespace=admin -listing-visibility="unauth" userpass
vault write -namespace=admin auth/userpass/users/admin password=password policies=admin

Test 1

• Log into root namespace with root username
• resultant-acl banner is not rendered
• Navigate to admin namespace
  - Previously, resultant-acl banner would show but with these changes it does not
• Change namespace in url to some namespace that does not exist (eg "foo")
  - Previously, resultant-acl banner would show but with these changes it does not

Test 2

• Log into admin namespace with admin username
• resultant-acl banner is not rendered
• Navigate to child namespace
  - Previously, resultant-acl banner would show but with these changes it does not
• Change namespace in url to some namespace that does not exist (eg "foo")
• Resultant-acl banner should show

Before

After

This PR also updates the Resultant-ACL banner so that it only shows when a user has a non-expired token.

---

Overview of commits

• f8f40c3

[hashicorp-cla-app]

Thank you for your submission! We require that all contributors sign our Contributor License Agreement ("CLA") before we can accept the contribution. Read and sign the agreement

Learn more about why HashiCorp requires a CLA and what the CLA includes

---

temp seems not to be a GitHub user.
You need a GitHub account to be able to sign the CLA.
If you have already a GitHub account, please add the email address used for this commit to your account.

_{Have you signed the CLA already but the status is still pending? Recheck it.}

[github-actions]

CI Results:
All Go tests succeeded! ✅

[hashishaw]

Closed in favor of #26271