[Admin UI] Editing Organizational Roles should have special behavior

Background

Roles whose names start with "Organizational:" are supposed to have special behavior.

Organization roles (i.e., job titles) should not be conflated with authorization. Organizational roles (like "Doctor" or "Nurse") could have a list of default/suggested application roles or privileges for convenience when setting up new accounts, but we should not assume all people in the same organizational role will have the same authorizations. In short, organization roles can suggest application roles & privileges, but an organizational role does not and should not automatically imply any authorization to use the system. The existence of organizational roles in the authorization system is an unfortunate artifact of history.

Design Still Needed

We need to decide whether to address this (hackily?) in the Reference Application at all, or instead make appropriate changes in openmrs-core.

If we choose to address this in the Reference Application, we need to decide how.

Acceptance Criteria

1. When you edit a role whose name starts with "Organizational:" from Configure Metadata, you should not be able to assign it any privileges
2. When you edit a role whose name starts with "Organizational:" from Configure Metadata, it should only be able to inherit from other Organizational Roles.
3. The current Organizational Roles in the Reference Metadata module (e.g. Doctor, Nurse, ...) must be changed so that we maintain the same general system behavior, but without having those inherit from Application Roles. [DESIGN NEEDED]