Hide contribution payments from demo user(s) (#738)

* Hide payment contribution options from demo and manually created users

Demo data users and manually created users don't have stripe_customer_id
set on their family, so they should not see payment/contribution options.

Changes:
- Add can_manage_subscription? method to Family::Subscribeable that checks
  for presence of stripe_customer_id
- Guard Settings::PaymentsController to return 403 for users without
  stripe_customer_id
- Guard SubscriptionsController#show action (Stripe portal redirect) for
  users without stripe_customer_id
- Update settings navigation to hide the payment link when
  stripe_customer_id is not present
- Add tests for the new behavior

* Fix broken test

---------

Co-authored-by: Claude <noreply@anthropic.com>

app/controllers/subscriptions_controller.rb

@@ -1,6 +1,9 @@
 class SubscriptionsController < ApplicationController
   # Disables subscriptions for self hosted instances
-  guard_feature if: -> { self_hosted? }
+  before_action :guard_self_hosted, if: -> { self_hosted? }
+
+  # Disables Stripe portal for users without stripe_customer_id (demo users, manually created users)
+  guard_feature unless: -> { Current.family.can_manage_subscription? }, only: :show
 
   # Upgrade page for unsubscribed users
   def upgrade
@@ -58,6 +61,10 @@ class SubscriptionsController < ApplicationController
   end
 
   private
+    def guard_self_hosted
+      render plain: "Feature disabled: subscriptions are not available in self-hosted mode", status: :forbidden
+    end
+
     def stripe
       @stripe ||= Provider::Registry.get_provider(:stripe)
     end