Access policy check for new snippet button

What does this MR do?

Adds a couple of check to avoid displaying the New Snippet button to users without :create_snippet permission:

• In the user's profile Snippets tab, we were using the ability to populate the link to the new snippet form. The partial, however was rendering the button even when the link was not there (as a result of not having the correct ability). In this case, the button didn't take the user to the New Snippet form, it just reloaded the page.

• Previously, only the non-empty state for project snippets was checking for the ability. As a result, when the project had snippets the project_snippets page showed the button to any user. Clicking on the button resulted in a 404 error for guest users.

Screenshots

Does this MR meet the acceptance criteria?

Conformity

• Changelog entry
• [-] Documentation (if required)
• Code review guidelines
• Merge request performance guidelines
• Style guides
• [-] Database guides
• [-] Separation of EE specific content

Availability and Testing

• Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
• [-] Tested in all supported browsers

Ref: #55240 (closed)