fix: check edit permissions before loading tree into editor

TreeEditorPage now verifies canEditTree() after fetching tree data but
before loading it into the editor store. Previously only checked
canCreateTrees which doesn't prevent non-owners from editing.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

frontend/src/pages/TreeEditorPage.tsx

@@ -15,7 +15,7 @@ export function TreeEditorPage() {
   const { id } = useParams<{ id: string }>()
   const navigate = useNavigate()
   const isEditMode = !!id
-  const { canCreateTrees } = usePermissions()
+  const { canCreateTrees, canEditTree } = usePermissions()
 
   const {
     name,
@@ -93,6 +93,10 @@ export function TreeEditorPage() {
         setLoading(true)
         try {
           const tree = await treesApi.get(id)
+          if (!canEditTree({ author_id: tree.author_id, team_id: tree.team_id })) {
+            navigate('/trees')
+            return
+          }
           loadTree(tree)
         } catch (err) {
           console.error('Failed to load tree:', err)