Update Staff permissions for contacts, websites, addresses and domain information and application

src/registrar/admin.py

@@ -294,6 +294,26 @@ class ContactAdmin(ListHeaderAdmin):
 
     contact.admin_order_field = "first_name"  # type: ignore
 
+    # Read only that we'll leverage for CISA Analysts
+    analyst_readonly_fields = [
+        "user",
+    ]
+
+    def get_readonly_fields(self, request, obj=None):
+        """Set the read-only state on form elements.
+        We have 1 conditions that determine which fields are read-only:
+        admin user permissions.
+        """
+
+        readonly_fields = list(self.readonly_fields)
+
+        if request.user.has_perm("registrar.full_access_permission"):
+            return readonly_fields
+        # Return restrictive Read-only fields for analysts and
+        # users who might not belong to groups
+        readonly_fields.extend([field for field in self.analyst_readonly_fields])
+        return readonly_fields  # Read-only fields for analysts
+
 
 class WebsiteAdmin(ListHeaderAdmin):
     """Custom website admin class."""
@@ -420,9 +440,6 @@ class DomainInformationAdmin(ListHeaderAdmin):
         "creator",
         "type_of_work",
         "more_organization_information",
-        "address_line1",
-        "address_line2",
-        "zipcode",
         "domain",
         "submitter",
         "no_other_contacts_rationale",
@@ -557,9 +574,6 @@ class DomainApplicationAdmin(ListHeaderAdmin):
     analyst_readonly_fields = [
         "creator",
         "about_your_organization",
-        "address_line1",
-        "address_line2",
-        "zipcode",
         "requested_domain",
         "alternative_domains",
         "purpose",