settings: Handle guests separately for group-based settings.

This commit adds code to handle guests separately for group
based settings, where guest will only have permission if
that particular setting can be set to "role:everyone" group
even if the guest user is part of the group which is used
for that setting. This is to make sure that guests do not
get permissions for actions that we generally do not want
guests to have.

Currently the guests do not have permission for most of them
except for "Who can delete any message", where guest could
delete a message if the setting was set to a user defined
group with guest being its member. But this commit still
update the code to use the new function for all the settings
as we want to have a consistent pattern of how to check whether
a user has permission for group-based settings.

zerver/lib/streams.py

@@ -22,7 +22,7 @@ from zerver.lib.stream_traffic import get_average_weekly_stream_traffic, get_str
 from zerver.lib.string_validation import check_stream_name
 from zerver.lib.timestamp import datetime_to_timestamp
 from zerver.lib.types import APIStreamDict
-from zerver.lib.user_groups import is_user_in_group
+from zerver.lib.user_groups import user_has_permission_for_group_setting
 from zerver.models import (
     DefaultStreamGroup,
     NamedUserGroup,
@@ -642,7 +642,11 @@ def can_remove_subscribers_from_stream(
 
     group_allowed_to_remove_subscribers = stream.can_remove_subscribers_group
     assert group_allowed_to_remove_subscribers is not None
-    return is_user_in_group(group_allowed_to_remove_subscribers, user_profile)
+    return user_has_permission_for_group_setting(
+        group_allowed_to_remove_subscribers,
+        user_profile,
+        Stream.stream_permission_group_settings["can_remove_subscribers_group"],
+    )
 
 
 def filter_stream_authorization(