feat: permissions refactor, added create permissions

[golanglemonade]

• Updates the fga model to allow for additional object creation permissions based on group membership, tests added to each create to test for access
• Updates the ent template to include a basic policy for new schemas
• Upgrades iam dependency (which cleans up a lot of unnecessary code in the auth_checks.go generated file and adds some helper wrappers)
• Adds a new policy package (internal/ent/privacy/policy/base.go) to make writing the policies in the schemas cleaner using With options
• Should be a 1:1 replacement in all the schemas of the old policies -> new policies - only additional create policies were added to schemas
• mixins in the schema package were all renamed to be prefixed with mixin_ to make them easier to find (they need to live in the schema package because they have dependencies on the package itself
• Two mixins added/updated:
  • internal/ent/schema/mixin_createacess.go : adds the to/from fields for org -> group access and adds the hooks for adding tuples to fga. This currently contains a manual list of objects types, I want to follow-up later to see if these can be pulled based on annotations in the schema instead
  • internal/ent/schema/mixin_grouppermissions.go: updates to add the reverse edges to the group schema so we don't have to manually add three fields for every editor/viewer/blocked group
• Updates testing suite to output error logs when using the -v flag; removed the -v flag from the task command that runs in CI.

[sonarcloud]

Quality Gate passed

Issues
5 New issues
0 Accepted issues

Measures
0 Security Hotspots
77.7% Coverage on New Code
2.7% Duplication on New Code

See analysis details on SonarQube Cloud