settings: Handle guests separately for group-based settings.

This commit adds code to handle guests separately for group
based settings, where guest will only have permission if
that particular setting can be set to "role:everyone" group
even if the guest user is part of the group which is used
for that setting. This is to make sure that guests do not
get permissions for actions that we generally do not want
guests to have.

Currently the guests do not have permission for most of them
except for "Who can delete any message", where guest could
delete a message if the setting was set to a user defined
group with guest being its member. But this commit still
update the code to use the new function for all the settings
as we want to have a consistent pattern of how to check whether
a user has permission for group-based settings.

zerver/models/users.py

@@ -770,7 +770,7 @@ class UserProfile(AbstractBaseUser, PermissionsMixin, UserBaseSettings):
         return False
 
     def has_permission(self, policy_name: str, realm: Optional["Realm"] = None) -> bool:
-        from zerver.lib.user_groups import is_user_in_group
+        from zerver.lib.user_groups import user_has_permission_for_group_setting
         from zerver.models import Realm
 
         if policy_name not in [
@@ -798,7 +798,8 @@ class UserProfile(AbstractBaseUser, PermissionsMixin, UserBaseSettings):
                 # setting fields using select_related.
                 realm = self.realm
             allowed_user_group = getattr(realm, policy_name)
-            return is_user_in_group(allowed_user_group, self)
+            setting_config = Realm.REALM_PERMISSION_GROUP_SETTINGS[policy_name]
+            return user_has_permission_for_group_setting(allowed_user_group, self, setting_config)
 
         policy_value = getattr(self.realm, policy_name)
         if policy_value == Realm.POLICY_NOBODY: