refactor: Refactor permissions into module for improved readability and testability

- Refactored the `permissions.py` file into a permissions module
- Entities now have their own has_permission function, and the core `has_permission` function acts as a dispatcher. This structure significantly improves readability and testability of the permissions boundary. It also greatly improves its extensibility for future permissions updates.
- Added comprehensive tests for all implemented permissions. Tests are modular and can be easily added to and changed.

Author: bencap

src/mavedb/lib/permissions.py

@@ -0,0 +1,27 @@
+"""
+Permission system for MaveDB entities.
+
+This module provides a comprehensive permission system for checking user access
+to various entity types including ScoreSets, Experiments, Collections, etc.
+
+Main Functions:
+    has_permission: Check if a user has permission for an action on an entity
+    assert_permission: Assert permission or raise exception
+
+Usage:
+    >>> from mavedb.lib.permissions import Action, has_permission, assert_permission
+    >>>
+    >>> # Check permission and handle response
+    >>> result = has_permission(user_data, score_set, Action.READ)
+    >>> if result.permitted:
+    ...     # User has access
+    ...     pass
+    >>>
+    >>> # Assert permission (raises exception if denied)
+    >>> assert_permission(user_data, score_set, Action.UPDATE)
+"""
+
+from .actions import Action
+from .core import assert_permission, has_permission
+
+__all__ = ["has_permission", "assert_permission", "Action"]

src/mavedb/lib/permissions/__init__.py

@@ -0,0 +1,15 @@
+from enum import Enum
+
+
+class Action(Enum):
+    LOOKUP = "lookup"
+    READ = "read"
+    UPDATE = "update"
+    DELETE = "delete"
+    ADD_EXPERIMENT = "add_experiment"
+    ADD_SCORE_SET = "add_score_set"
+    SET_SCORES = "set_scores"
+    ADD_ROLE = "add_role"
+    PUBLISH = "publish"
+    ADD_BADGE = "add_badge"
+    CHANGE_RANK = "change_rank"