[Backend] Implement fine-grained access control #44

Open
galadhremmin opened this issue Dec 12, 2022 · 1 comment

Comments

@galadhremmin
Owner

Currently, there are only three supported roles: Anonymous, User and Administrators. Administrators have access to everything whereas Users have access to logged-in features related to their user account.

By adding fine-grained access control, we can create intermediary roles to empower the creation of community. For example, a select cohort of users can have contribution review permissions. Or perhaps auditors can ensure that the quality of the dictionary is top-notch.

@galadhremmin
Owner Author

Some access rights:

  • Contributions
    • Add contributions
    • Edit your own contributions
    • Edit others' contributions
    • Remove your own contributions
    • Remove others' contributions
    • Approve contributions
    • Reject contributions
    • User's contributions are auto-approved
  • Discuss
    • Add posts
    • Add groups
    • Edit your own posts
    • Edit others' posts
    • Remove your own posts
    • Remove others' posts
    • Remove groups
    • Apply sticky
    • Lock groups
  • Inflections
    • Add inflections
    • Edit inflections
    • Remove inflections
  • Types of speech
    • Add types of speech
    • Edit types of speech
    • Remove types of speech
  • Glossary
    • Delete others' phrases
    • View JSON representation
    • View Glossary summary (/admin/gloss)
  • Phrases
    • Delete others' phrases
    • View JSON representation
  • Accounts
    • Go incognito
    • Edit others' profiles
    • View account list (/admin/account)
    • Filter accounts
    • View account
    • Add roles
    • Remove roles
    • View audit trail
  • System errors
    • View system errors
    • View failed jobs
    • Access infrastructure tests

This list is not comprehensive. We'll have to review access permissions accordingly while implementing this feature.
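
The sketch below is an added example, not part of the issue and not the project's code. It shows one way the "your own" / "others'" split in the Contributions rights could be enforced with composable roles and deny-by-default checks. The role names `reviewer` and `trusted`, the permission strings, and the `Account` type are all hypothetical.

```python
from dataclasses import dataclass
from typing import Optional

# Hypothetical permission names modelled on the Contributions list above.
ROLES = {
    "anonymous": frozenset(),
    "user": frozenset({"contribution.add", "contribution.edit.own",
                       "contribution.remove.own"}),
    "reviewer": frozenset({"contribution.approve", "contribution.reject",
                           "contribution.edit.others"}),
    "trusted": frozenset({"contribution.auto_approve"}),
    "administrator": frozenset({"*"}),  # today's all-access role
}

@dataclass(frozen=True)
class Account:
    id: int
    roles: tuple

def permissions(account: Optional[Account]) -> set:
    """Union of the permissions of every role held; unknown roles grant nothing."""
    granted = set()
    for role in (account.roles if account else ("anonymous",)):
        granted |= ROLES.get(role, frozenset())
    return granted

def can(account: Optional[Account], action: str,
        owner_id: Optional[int] = None) -> bool:
    """Deny by default. When owner_id is given, the check is object-level:
    the caller needs '<action>.own' for their own records and
    '<action>.others' for anyone else's."""
    granted = permissions(account)
    if "*" in granted:
        return True
    if owner_id is None:
        return action in granted
    is_owner = account is not None and account.id == owner_id
    return f"{action}.{'own' if is_owner else 'others'}" in granted

def initial_status(account: Optional[Account]) -> str:
    """New contributions stay pending unless the author is auto-approved."""
    return "approved" if can(account, "contribution.auto_approve") else "pending"
```

Because roles are unions of permissions, an intermediary role only has to carry the extra rights it grants; an account that holds both `user` and `reviewer` gets the own-record rights from one and the review rights from the other.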
