rbac: fix invitations listing with restricted permissions (#8227)

* rbac: fix missing permission definition for list

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* core: fix users's system_permissions not including role permissions

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* core: don't require permissions for users/me/

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* web/admin: catch error when listing stages on invitation page fails

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* Revert "rbac: fix missing permission definition for list"

This reverts commit fd7572e699.

* Revert "core: don't require permissions for users/me/"

This reverts commit 9df0dbda8a.

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

authentik/core/api/users.py

@@ -227,9 +227,9 @@ class UserSelfSerializer(ModelSerializer):
     def get_system_permissions(self, user: User) -> list[str]:
         """Get all system permissions assigned to the user"""
         return list(
-            user.user_permissions.filter(
-                content_type__app_label="authentik_rbac", content_type__model="systempermission"
-            ).values_list("codename", flat=True)
+            x.split(".", maxsplit=1)[1]
+            for x in user.get_all_permissions()
+            if x.startswith("authentik_rbac")
         )
 
     class Meta: