Sidebar shows top level CRDs when user has no permissions
When listing CRDs on the web console's sidebar, even though users could have no permissions whatsoever for some of them, the top level links are still enabled, which would take users to sections of the dashboard to which they would not be able interact with.
Possible Solution
If users has no permissions (get, list, create, patch nor delete) for a specific CRD, do not load its list/link on the sidebar.