* Do not allow adding stock owners as data providers
* Do not allow removing stock owners as data providers
* Do not allow adding managing agents as data providers
* Do not allow removing managing agents as data providers and fix remove_stock_owner
* Authorise add managing agent/stock owner pages
* Refactor organisation_relationship_policy
* Update test names
* Refactor policy and remove headers from tests
* Display active status is location/scheme deactivation is in more than 6 months
* Override existing location deactivation period with new deactivation
* Override existing scheme deactivation period with new deactivation
* add reactivate to policy
* Change status tag method
* Update instance double in test
* Update deactivates_in_a_long_time? method
* Uncoment a test
# Context
- https://digital.dclg.gov.uk/jira/browse/CLDC-1732
- data providers are given read-only able access to schemes and locations
# Changes
- introduce `pundit` policies to schemes and locations. the old scope mechanism has been removed
- apply policies at view level so hide write access based functionality from data providers
# Context
- https://digital.dclg.gov.uk/jira/browse/CLDC-2294
- When bulk upload returns a results page it would be useful if colleagues of the uploader can see this page to help fix errors
- It would also be useful if support users can see these reports to help diagnose bulk upload errors
# Changes
- Added `pundit` gem to handle authorization
- Bulk upload results previously only accessible to the bulk uploader. Now they can be seen by users in the same org as the uploader and also support users