feat: add role-based permissions and profile page improvements

- Add getMyMemberships API endpoint for user role lookup
- Add getMemberRole helper for profile page display
- Add role-based UI controls to study page (owner/researcher only)
- Add canManage checks to experiments, participants, trials pages
- Hide management actions for wizard/observer roles

Backend already enforces permissions; UI now provides cleaner UX

src/server/api/routers/studies.ts

@@ -1001,4 +1001,20 @@ export const studiesRouter = createTRPCRouter({
 
       return updatedPlugin;
     }),
+
+  getMyMemberships: protectedProcedure.query(async ({ ctx }) => {
+    const userId = ctx.session.user.id;
+
+    const memberships = await ctx.db.query.studyMembers.findMany({
+      where: eq(studyMembers.userId, userId),
+      columns: {
+        studyId: true,
+        role: true,
+        joinedAt: true,
+      },
+      orderBy: [desc(studyMembers.joinedAt)],
+    });
+
+    return memberships;
+  }),
 });