Replace possiblePermissions array in frontend/components/Permissions.js with 'POSSIBLE_PERMISSIONS_QUERY'

This would allow someone to ping the API to learn what kind of permissions are available from the backend. Currently, it is an array defined in `./backend/datamodel.graphql`: 

```
enum Permission {
  ADMIN
  USER
  ITEMCREATE
  ITEMUPDATE
  ITEMDELETE
  PERMISSIONUPDATE
}
```