Inconsistent capability checks on settings page #2702

@swissspidy

Looking at #2692, I realized that even contributors have access to the AMP settings page, even though you cannot actually change the settings.

There's a message saying:

> You do not have permission to modify these settings. They are shown here for your reference. Please contact your administrator to make changes.

Screenshot:

Screenshot 2019-06-28 at 11 19 06

There are a few problems I see on that page:

  1. The Experiences checkboxes are not readonly.
  2. There are links to AMP Validated URLs and AMP Validation Error Index.
    1. The user can access the AMP Validated URLs screen, but cannot perform any action.
    2. The user has no access to the AMP Validation Error Index screen.
  3. This settings page is totally irrelevant for contributors and basically any user who is not an admin.
    Users on my site should not need to see this screen. They don't even know what AMP is, nor should they need to know.

Suggested changes:

  1. Make checkboxes readonly
  2. Prevent access to AMP Validated URLs screen for users without the necessary permission
  3. Hide "View current site compatibility results for standard and transitional modes" link if user lacks permission
  4. Prevent access to settings screen if user lacks permission
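
The four suggested changes map onto standard WordPress core calls. The following is an added example, not code from the AMP plugin or from the issue author: the slug, option name, field name and link target are hypothetical placeholders, and `manage_options` is assumed to be the capability that should gate the screen.

```php
<?php
// Hypothetical names throughout: the slug, option name, field and link target
// are placeholders, not identifiers taken from the AMP plugin.
const EXAMPLE_CAP  = 'manage_options';
const EXAMPLE_SLUG = 'example-amp-settings';
const EXAMPLE_OPT  = 'example_amp_options';

add_action( 'admin_menu', function () {
	// The capability argument makes core hide the menu item and reject direct
	// requests to the page URL for users who lack it (suggested change 4).
	add_options_page( 'AMP Settings', 'AMP', EXAMPLE_CAP, EXAMPLE_SLUG, 'example_render_settings' );
} );

add_action( 'admin_init', function () {
	register_setting( EXAMPLE_SLUG, EXAMPLE_OPT, array(
		'type'              => 'array',
		'sanitize_callback' => 'example_sanitize_options',
	) );
} );

// Server-side gate on save: a disabled checkbox is only a UI hint.
function example_sanitize_options( $input ) {
	$current = (array) get_option( EXAMPLE_OPT, array() );
	if ( ! current_user_can( EXAMPLE_CAP ) ) {
		return $current; // Keep the stored values unchanged.
	}
	$current['website_experience'] = ! empty( $input['website_experience'] );
	return $current;
}

function example_render_settings() {
	// Only relevant if a read-only view is kept for some lower capability.
	$can_edit = current_user_can( EXAMPLE_CAP );
	$options  = (array) get_option( EXAMPLE_OPT, array() );
	?>
	<form method="post" action="options.php">
		<?php settings_fields( EXAMPLE_SLUG ); ?>
		<label>
			<input type="checkbox" name="<?php echo esc_attr( EXAMPLE_OPT ); ?>[website_experience]" value="1"
				<?php checked( ! empty( $options['website_experience'] ) ); ?>
				<?php disabled( ! $can_edit ); // Suggested change 1. ?>>
			Website
		</label>
		<?php if ( $can_edit ) : // Suggested change 3: link only to screens this user can open. ?>
			<a href="<?php echo esc_url( admin_url( 'admin.php?page=example-compat-results' ) ); ?>">View compatibility results</a>
			<?php submit_button(); ?>
		<?php endif; ?>
	</form>
	<?php
}
```

The point of the pattern is that one capability constant drives the menu registration, the rendered controls and the save path, so the three cannot drift apart the way the issue describes.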

Labels: Bug (Something isn't working)
