Merge branch 'settings-dropdown-permissions' into 'master'

Fix displaying of project settings links the user cannot access.

## What does this MR do?

It fixes the Project Settings dropdown displaying project settings links that the user cannot actually access.

## Are there points in the code the reviewer needs to double check?

I've tested combinations I can think of, feel free to mess around with and see if it breaks?

## Why was this MR needed?

Users were seeing links in the Project Settings dropdown that they shouldn't have seen, if they clicked them they would be shown permission errors.

## What are the relevant issue numbers?

#18294 

## Screenshots (if relevant)

Users without any permissions:

![Screen_Shot_2016-06-10_at_10.41.27_AM](/uploads/b70ca18a36b5f774b85694d8f1728882/Screen_Shot_2016-06-10_at_10.41.27_AM.png)

Guest members of the project:

![Screen_Shot_2016-06-10_at_10.48.36_AM](/uploads/a37986b4daa789063661c2fa8cf59d43/Screen_Shot_2016-06-10_at_10.48.36_AM.png)

Full permissions:

![Screen_Shot_2016-06-10_at_10.41.57_AM](/uploads/4c5cc97962e69a1a72ee8e237591ec22/Screen_Shot_2016-06-10_at_10.41.57_AM.png)

cc: @dzaporozhets @annabeldunstone @jschatz1 

See merge request !4599

app/views/layouts/nav/_project.html.haml

 - if current_user
-  .controls
   - access = user_max_access_in_project(current_user.id, @project)
   - can_edit = can?(current_user, :admin_project, @project)
+  .controls
     .dropdown.project-settings-dropdown
       %a.dropdown-new.btn.btn-default#project-settings-button{href: '#', 'data-toggle' => 'dropdown'}
         = icon('cog')
         = icon('caret-down')
       %ul.dropdown-menu.dropdown-menu-align-right
-        = render 'layouts/nav/project_settings'
+        = render 'layouts/nav/project_settings', access: access, can_edit: can_edit
+        - if can_edit || access
           %li.divider
           - if can_edit
             %li

app/views/layouts/nav/_project_settings.html.haml

@@ -3,30 +3,30 @@
     = link_to namespace_project_project_members_path(@project.namespace, @project), title: 'Members', class: 'team-tab tab' do
       %span
         Members
-
-- if @project.allowed_to_share_with_group?
+- if access && can_edit
+  - if @project.allowed_to_share_with_group?
     = nav_link(controller: :group_links) do
       = link_to namespace_project_group_links_path(@project.namespace, @project), title: "Groups" do
         %span
           Groups
-= nav_link(controller: :deploy_keys) do
+  = nav_link(controller: :deploy_keys) do
     = link_to namespace_project_deploy_keys_path(@project.namespace, @project), title: 'Deploy Keys' do
       %span
         Deploy Keys
-= nav_link(controller: :hooks) do
+  = nav_link(controller: :hooks) do
     = link_to namespace_project_hooks_path(@project.namespace, @project), title: 'Webhooks' do
       %span
         Webhooks
-= nav_link(controller: :services) do
+  = nav_link(controller: :services) do
     = link_to namespace_project_services_path(@project.namespace, @project), title: 'Services' do
       %span
         Services
-= nav_link(controller: :protected_branches) do
+  = nav_link(controller: :protected_branches) do
     = link_to namespace_project_protected_branches_path(@project.namespace, @project), title: 'Protected Branches' do
       %span
         Protected Branches
 
-- if @project.builds_enabled?
+  - if @project.builds_enabled?
     = nav_link(controller: :runners) do
       = link_to namespace_project_runners_path(@project.namespace, @project), title: 'Runners' do
         %span