Check if user can create package in npm create package service

• Please check this box if this contribution uses AI-generated content (including content generated by GitLab Duo features) as outlined in the GitLab DCO & CLA. As a benefit of being a GitLab Community Contributor, you can request access to GitLab Duo.

What does this MR do and why?

• The npm create package service was missing a check for unauthorized users.
• This check is helpful and recommended as discussed in a discussion thread, see !135475 (comment 2145733098)
• This change was also implemented for the pypi package in antoher MR, see !168071 (merged)

🛠️ with ❤️ at Siemens

References

Please include cross links to any resources that are relevant to this MR This will give reviewers and future readers helpful context to give an efficient review of the changes introduced.

• !135475 (comment 2145733098)
• !168071 (merged)

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

MR Checklist (@gerardo-navarro)

• Changelog entry added, if necessary
• Documentation created/updated via this MR
• Documentation reviewed by technical writer or follow-up review issue created
• Tests added for this feature/bug
• Tested in all supported browsers
• Conforms to the code review guidelines
• Conforms to the merge request performance guidelines
• Conforms to the style guides
• Conforms to the javascript style guides
• Conforms to the database guides

Screenshots or screen recordings

Only backend changes.

How to set up and validate locally

1. Run this respective test

bundle exec rspec './spec/services/packages/npm/create_package_service_spec.rb:191'

Related to #323970 (closed)