Add page visibility by group with centralized matrix

Introduce a Page Visibility Matrix that controls which pages each user
group can access, enforced in both frontend and backend:

Frontend:
- Create frontend/src/config/pageVisibility.js with PAGE_VISIBILITY
  matrix and canAccessPage() / getAccessiblePages() helpers
- NavDrawer: replace inline requiredGroups with canAccessPage() filter
- App.js: replace per-page isInGroup()/isAdmin() checks with generic
  route guard in setCurrentPage; remove VALID_PAGES constant
- localStorage validation: verify persisted page is accessible on load

Backend (page-level access enforcement):
- jiraTickets.js: add router-level requireGroup('Admin','Standard_User')
- archerTemplates.js: add router-level requireGroup('Admin','Standard_User')
- VCL multi-vertical already had requireGroup('Admin','Leadership')

Visibility matrix:
- Home, Knowledge Base: all groups
- Triage, Compliance, Exports: Admin, Standard_User, Leadership
- CCP Metrics: Admin, Leadership
- Jira, Archer Templates: Admin, Standard_User
- Admin Panel: Admin only
- Read_Only sees only Home and Knowledge Base

frontend/src/App.js

@@ -19,20 +19,20 @@ import ArcherTemplatePage from './components/pages/ArcherTemplatePage';
 import HomePage from './components/pages/HomePage';
 import FeedbackModal from './components/FeedbackModal';
 import NotificationBell from './components/NotificationBell';
+import { canAccessPage } from './config/pageVisibility';
 import './App.css';
 
-const VALID_PAGES = new Set(['home', 'triage', 'compliance', 'knowledge-base', 'exports', 'jira', 'admin', 'archer-templates']);
-
 export default function App() {
-  const { isAuthenticated, loading: authLoading, canWrite, isAdmin, isInGroup } = useAuth();
+  const { isAuthenticated, loading: authLoading, canWrite, user } = useAuth();
 
   const [currentPage, setCurrentPageRaw] = useState(() => {
     try {
       const saved = localStorage.getItem('cve-dashboard-page');
-      return saved && VALID_PAGES.has(saved) ? saved : 'home';
+      return saved && canAccessPage(saved, user?.group) ? saved : 'home';
     } catch { return 'home'; }
   });
   const setCurrentPage = (page) => {
+    if (!canAccessPage(page, user?.group)) { setCurrentPageRaw('home'); return; }
     setCurrentPageRaw(page);
     try { localStorage.setItem('cve-dashboard-page', page); } catch {}
   };
@@ -160,18 +160,16 @@ export default function App() {
           </div>
         </div>
 
-        {/* Page content */}
+        {/* Page content — generic route guard via canAccessPage */}
         {currentPage === 'home'            && <HomePage onNavigate={handleNavigate} showAddCVE={showAddCVE} setShowAddCVE={setShowAddCVE} />}
         {currentPage === 'triage'          && <VulnerabilityTriagePage filterDate={calendarFilter} filterEXC={reportingExcFilter} />}
         {currentPage === 'compliance'      && <CompliancePage onNavigate={setCurrentPage} />}
-        {currentPage === 'ccp-metrics'     && isInGroup('Admin', 'Leadership') && <CCPMetricsPage />}
-        {currentPage === 'ccp-metrics'     && !isInGroup('Admin', 'Leadership') && (() => { setCurrentPage('home'); return null; })()}
+        {currentPage === 'ccp-metrics'     && <CCPMetricsPage />}
         {currentPage === 'knowledge-base'  && <KnowledgeBasePage />}
         {currentPage === 'exports'         && <ExportsPage />}
         {currentPage === 'jira'            && <JiraPage />}
         {currentPage === 'archer-templates' && <ArcherTemplatePage />}
-        {currentPage === 'admin' && isAdmin() && <AdminPage />}
-        {currentPage === 'admin' && !isAdmin() && (() => { setCurrentPage('home'); return null; })()}
+        {currentPage === 'admin'           && <AdminPage />}
 
         {/* Global Modals */}
         {showUserManagement && <UserManagement onClose={() => setShowUserManagement(false)} />}