Docs/user permissions documentation (Resolving Issue#88)

[praniketkw]

📄 Description

This PR adds comprehensive documentation for the user permissions system as requested in issue #88.

While issue #88 was previously addressed with a Google Spreadsheet, this PR provides in-repository documentation that is easier to maintain and more comprehensive

The document covers the four user roles (Volunteer, Manager, Admin, Super Admin) and their specific permissions. Each role's access to users and surveys is detailed with the exact conditions that apply. I've also included the user lifecycle, approval process, and practical examples showing how permissions are evaluated in real scenarios.

All permissions were verified against the actual implementation in the codebase to ensure accuracy.

✅ Checklist

• Tests added/updated where needed
• Docs added/updated if applicable
• I have linked the issue this PR closes (if any)

🔗 Related Issues

Resolves #88

💡 Type of change

Type	Checked?
🐞 Bug fix	[ ]
✨ New feature	[ ]
📝 Documentation	[x]
♻️ Refactor	[ ]
🛠️ Build/CI	[ ]
Other (explain)	[ ]

🧪 How to test

1. Review the documentation for completeness and clarity
2. Cross-reference the permission tables with the code in server/src/permissions/abilityBuilder.ts
3. Verify that all four roles are documented with accurate permissions
4. Check that the examples make sense and help explain the system
5. Confirm internal links work correctly

📝 Notes to reviewers

I went through the CASL permission implementation carefully to make sure this documentation matches the actual code behavior. Each permission was verified against the abilityBuilder.ts file. I've included real-world examples to help users understand how