Docs: note User-Member Linking enforcement in code

- update_user restricted via ActorIsAdmin; Form gates Member-Linking UI

docs/roles-and-permissions-architecture.md

@@ -2002,6 +2002,8 @@ Users and Members are separate entities that can be linked. Special rules:
 - A user cannot link themselves to an existing member
 - A user CAN create a new member and be directly linked to it (self-service)
 
+**Enforcement:** The User resource restricts the `update_user` action (which accepts the `member` argument for link/unlink) to admins only via `Mv.Authorization.Checks.ActorIsAdmin`. The UserLive.Form shows the Member-Linking UI and runs member link/unlink on save only when the current user is admin; non-admins use the `:update` action (email only) for profile edit.
+
 ### Approach: Separate Ash Actions
 
 We use **different Ash actions** to enforce different policies:

lib/mv/authorization/permission_sets.ex

@@ -120,7 +120,6 @@ defmodule Mv.Authorization.PermissionSets do
       pages: [
         # No "/" - Mitglied must not see member index at root (same content as /members).
         # Own profile (sidebar links to /users/:id) and own user edit
-        "/profile",
         "/users/:id",
         "/users/:id/edit",
         "/users/:id/show/edit",
@@ -156,7 +155,6 @@ defmodule Mv.Authorization.PermissionSets do
       pages: [
         "/",
         # Own profile (sidebar links to /users/:id; redirect target must be allowed)
-        "/profile",
         "/users/:id",
         "/users/:id/edit",
         "/users/:id/show/edit",
@@ -206,7 +204,6 @@ defmodule Mv.Authorization.PermissionSets do
       pages: [
         "/",
         # Own profile (sidebar links to /users/:id; redirect target must be allowed)
-        "/profile",
         "/users/:id",
         "/users/:id/edit",
         "/users/:id/show/edit",

lib/mv_web/live/user_live/form.ex

@@ -95,7 +95,7 @@ defmodule MvWeb.UserLive.Form do
                 </ul>
               </div>
 
-              <%= if @user do %>
+              <%= if @user && @can_manage_member_linking do %>
                 <div class="p-3 mt-3 border border-orange-200 rounded bg-orange-50">
                   <p class="text-sm text-orange-800">
                     <strong>{gettext("Admin Note")}:</strong> {gettext(