Optimize READ users should not be able to create Optimize entities outside of a collection. We should validate against this happening on request, based on the Optimize Authorizations of the user.

ATs:

• READ users cannot create entities outside of a collection
• Within a collection, READ users will have their collection role respected
• READ users cannot create dashboards/collections via a magic link
• READ users can create EBPs (but not reports from them outside a collection) if they have explicit authorization for event based processes
• READ users can still read (but not edit) previously created entities outside of a collection