More fine grained permissions system

[sklirg]

Currently the permissions system is linear. You cannot be allowed to manage the meeting and issues unless you are also allowed to vote (but you can toggle who can currently vote, that's another case).

I suggest implementing a permission system using ACL instead of a linear numeric scale.

This is the same way Django does it, as well as how OAuth2 scopes works.

A user with the CAN_VOTE permission level could instead of having permissions: 5 have permissions: ['CAN_VOTE'].

A user with the IS_MANAGER permissions could instead of having permissions: 10 have permissions: ['IS_MANAGER'], and optionally 'CAN_VOTE'.

The same goes for superusers. They can have CAN_VOTE and IS_SUPERUSER, but they can also not have IS_MANAGER (or can manage could be a better word in this context), which removes the possibility to manage the meeting.

This makes it possible to finely tune which user can do what, e.g. based on membership rules and attendance, without having to give someone rights they shouldn't have (e.g. that managers ("tellekorps") have to be able to vote).