Audit of routes

[cysjonathan]

Upon migration to single-page application with React frontend, to-do a full audit of all routes:
For each route, to access at each user level:
Within the course, to test

• non-course user
• course student (non-phantom and phantom)
• course instructor (non-phantom and phantom)
• course manager (non-phantom and phantom)
• course owner (non-phantom and phantom)

And with combination of each instance roles

• normal user
• instructor
• admin

There should be a total of 27 roles:

s/n	instance_role	course_role	phantom
1	normal	non-user	-
2	normal	student	normal
3	normal	student	phantom
4	normal	instructor	normal
5	normal	instructor	phantom
6	normal	manager	normal
7	normal	manager	phantom
8	normal	owner	normal
9	normal	owner	phantom
10	instructor	non-user	-
11	instructor	student	normal
12	instructor	student	phantom
13	instructor	instructor	normal
14	instructor	instructor	phantom
15	instructor	manager	normal
16	instructor	manager	phantom
17	instructor	owner	normal
18	instructor	owner	phantom
19	admin	non-user	-
20	admin	student	normal
21	admin	student	phantom
22	admin	instructor	normal
23	admin	instructor	phantom
24	admin	manager	normal
25	admin	manager	phantom
26	admin	owner	normal
27	admin	owner	phantom

Any routes that are unused or orphaned should be pruned.
Behaviour for each route should also follow expected access control, or documented if not already specified.